• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Using OPT for VOIP but still part of LAN

Scheduled Pinned Locked Moved General pfSense Questions
6 Posts 3 Posters 1.1k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • S
    strikeshield
    last edited by Apr 16, 2015, 11:09 PM

    Hi,
    sorry if this is an elementary question but I am not sure how to proceed.
    I have a box witth WAN, LAN and OPT ports. I run my Grandstream VOIP box with fixed IP
    into the LAN switch. Can I plug it into the OPT port and keep it as part of the LAN ?
    Would I need a Bridge or LAGG..not sure how to go about this.

    any asisstance would be greatly appreciated.

    regards,

    Chris

    1 Reply Last reply Reply Quote 0
    • K
      kejianshi
      last edited by Apr 16, 2015, 11:22 PM

      Why would you want to keep it on the LAN?  Or for that matter why would you want to plug it into OPT?

      I'd only want to plug something into OPT for the sole purpose of getting it off the LAN.

      Whats your goal?

      1 Reply Last reply Reply Quote 0
      • S
        strikeshield
        last edited by Apr 17, 2015, 2:07 PM

        The internet access is via PPOE access which is handled by the pfsense box via a VLAN tag.
        The lan port is connected to a number of switches. I wanted to isolate the VOIP from the LAN via the OPT
        port but it needs to either get a DHCP address or run with a fixed IP address. Could or should this IP address be on the same LAN segment ? It can change, but I'm not sure if the OPT port can run as a LAN port.

        any clearer ?

        Chris

        1 Reply Last reply Reply Quote 0
        • K
          kejianshi
          last edited by Apr 17, 2015, 2:12 PM

          It shouldn't break anything by putting it on the same subnet as the lan, but in that case, I'd leave it on the same switch as the LAN.

          If you wish to isolate it from the LAN or treat it very differently than the rest of the LAN, then it makes sense to put it on OPT.

          I always kept mine on the LAN.  I personally had no reason not to.

          Some people like to create firewall barriers.

          1 Reply Last reply Reply Quote 0
          • A
            almabes
            last edited by Apr 17, 2015, 6:33 PM Apr 17, 2015, 6:23 PM

            Sure, you can move it over to a different interface.  But it will not be part of the LAN address range.  It will be something completely different.  Your pfSense box will routing the traffic and control access to what IPs have access to the VOIP box.

            1.  You'll need to provision a new private IP address range for the OPT1 interface, and then either set an IP address in that range on your VOIP box or enable the DHCP server for the OPT1 interface and let that handle the configuration for you.  Furthermore, you could statically map the DHCP address, so your VOIP box always gets the same IP address from the pfSense DHCP server.

            2.  You'll need to set up rules.  You'll need a rule to allow traffic out the OPT1 interface to your VOIP provider IP.  You may also want a rule that allows traffic from an IP or two on your LAN interface access to whatever port(s) are appropriate for the VOIP box's configuration interface.

            NOTE:
            Some VOIP providers and devices need static NAT rules to work properly.  Some don't.  This is highly dependent on the provider and your grandstream box.

            1 Reply Last reply Reply Quote 0
            • A
              almabes
              last edited by Apr 17, 2015, 6:49 PM

              Ok…so I saw another thread you have out there about moving an old router to the OPT1 interface on the pfSense box and setting it up to be just an AP.  Get that done first, then come back to this thread/task.

              1 Reply Last reply Reply Quote 0
              2 out of 6
              • First post
                2/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received