How can you run traffic shaping without the firewall enabled?
-
I have a gateway router running PFSense 1.2-RC2 which is multi-homed to 4 upstream ISP via BGP and 3 Internal network with a /24, a /26 and a /27 blocks.
We have a big VoIP network and I'd fiddled around with static-port/NAT AON but the RTP stream is still not passing properly with the firewall enabled - getting the infamous VoIP 1 Way-Audio on all calls. Port 5060/5061 seems fine i.e. static port maps it correctly.
firewall setup is really basic -Block RFC1918 and let everything else pass thru b/w all interfaces. We dont need to do NAT since all IPs are public (including the Internal Network) and the servers farm does its own firewalling, so essentially i can do without the FW on the gateway
But I really want to be able to use ALTQ to shape and police the traffic. Can this be accomplished? Any insight would be much appreciated.
-m-
-
ok ..pretty much figured it out ..she's up and running