replace home phone with VOIP phone
-
@bbcmodelb
Skype Cloud is "dead/dying" - Replaced by Teams -
I thought Teams was aimed at business and Skype was still alive and kicking for consumer use.
-
Can't remember the last time I used Skype. I used to have a stand-alone Skype hardware phone but that was rendered obsolete some time ago after MS bought it.
-
so I've picked up a Gigaset c300 handset & n300ai base unit, for voip use
I've signed up with a local provider and hooked up the phone earlier today
I made a test outgoing call - worked fine
I made a test incoming call - worked fine BUT I was expecting my pfsense router to block itI haven't made any special allowances for the voip phone, yet my router lets the call through and handset successfully rings and lets me answer the call
can someone explain how this worked? I was expecting to set up port forwarding or something to permit an incoming call?
-
@bbcmodelb said in replace home phone with VOIP phone:
can someone explain how this worked?
I haven't checked for details, but I suspect the phone initiates the connection to the server and maintains some traffic that will keep the connection alive. When a device on the LAN initiates a connection, firewalls automagically allow the return traffic.
Fire up Packet Capture to see what's happening.
-
Yup, that's what I expect to happen.
The phone initiates the SIP session with an external provider outbound. pfSense allows that because it's an outbound connection. The SIP session and firewall state are held open with keep alive packets. The provider is able to use that open session to send the SIP invites for the incoming call. The phone uses the info in the invite to initiate and RDP session with the provider. The provider uses that open session/state to send the incoming audio back. The call succeeds.For phones behind the firewall talking to an external server usually no special settings are required in pfSense.
https://docs.netgate.com/pfsense/en/latest/recipes/nat-voip-phones.html#configuring-nat-for-voip-phonesSteve
-
ah, thank you both for explaining that - makes sense
I thought, I wonder if its using some kind of NAT where the phone keeps pulsing the the remote PBX, in order the for PBX to initiate a call to my router
Is there anything, security wise, to be aware of?
-
I would probably check the state table for the phone IP and see what else it's connecting to. It's probably 'phoning home' for firmware updates etc. Setting up a separate pass rule for just that IP with logging would catch that over a longer period.
Ideally you would put the phone in a separate subnet so that if the phone itself was ever compromised (unlikely) it would not have access to other local hosts.Steve
-
@bbcmodelb said in replace home phone with VOIP phone:
so I've picked up a Gigaset c300 handset & n300ai base unit, for voip use
I've signed up with a local provider and hooked up the phone earlier today
I made a test outgoing call - worked fine
I made a test incoming call - worked fineThe Base is keeping the session to your sip provider "open" all the time.
The Gigaset bases usually can bind to 6 DECT handsets , if you need more of those. And i think they can register with 6 different providers at the same time too.
/Bingo
-
looks like everything is working now!
many thanks to everyone who gave their input!
