[Freeswitch-users] Should vpn address space be defined as part of local network?
Rajil Saraswat
rajil.s at gmail.com
Tue Jul 28 03:58:05 MSD 2015
Hello all,
I am trying to get my head around the nat.auto and localnet.auto acls.
I have a VPN server using the 10.8.0.0/24 address space with gateway
on 10.8.0.1. The PBX is on the local lan (172.16.5.0/24) with ip
172.16.5.5. When freeswitch starts i see it builds the following acls
nat.auto
Created ip list nat.auto default (deny)
Adding 172.16.5.5/255.255.255.0 (deny) to list nat.auto
Adding 10.0.0.0/8 (allow) [] to list nat.auto
Adding 172.16.0.0/12 (allow) [] to list nat.auto
localnet.auto
Created ip list localnet.auto default (deny)
Adding 172.16.5.5/255.255.255.0 (allow) to list localnet.auto
Do i need to move my vpn address space (10.8.0.0/16) from nat.auto to
the localnet.auto so that it not natted? Something like this:
nat.auto
172.16.5.5/255.255.255.0 (deny)
10.0.0.0/8 (allow)
172.16.0.0/12 (allow)
10.8.0.0/16 (deny)
localnet.auto
172.16.5.5/255.255.255.0 (allow)
10.8.0.0/16 (allow)
Thanks
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list