<p>I have used asterisk over openswan in production for quite a time and if you're going for <500cps , you shouldn't worry and put them on same machine. Freeswitch deployment is the same. I would recommend against a proprietary or commercial ipsec implementation appliance. The learning curve is steep and troubleshooting is not easier by no means. Build your test setup and go for it.</p>
<div class="gmail_quote">On Apr 9, 2013 9:47 PM, "Cal Leeming [Simplicity Media Ltd]" <<a href="mailto:cal.leeming@simplicitymedialtd.co.uk">cal.leeming@simplicitymedialtd.co.uk</a>> wrote:<br type="attribution">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>From personal experience, I would strongly recommend running the VPN within the network layer rather than directly on the server.</div>
<div><br></div><div>You could use a pre-built appliance for this (such as Halon VSR), or build your own router using iptables, or even use a Cisco etc.</div>
<div><br></div><div>This means you don't have to maintain a tunnel for each individual machines, and keeps a nice clean separation of layers which makes debugging networking problems easier.</div><div><br></div><div>
If you use this approach, then running FreeSWITCH over any tunnel should *just work*.. if you use it locally, then strange things might happen..</div>
<div><br></div><div>This is just based on my own personal experience, others may disagree.. YMMV :)<br><br>Hope this helps</div><div><br>Cal</div><br><div class="gmail_quote">On Tue, Apr 9, 2013 at 5:44 PM, sibu <span dir="ltr"><<a href="mailto:sibxol@btconnect.com" target="_blank">sibxol@btconnect.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Dear Freeswitch-Users/Developers<br>
<br>
I am new to this list and freeswitch.<br>
<br>
I would like to know if anyone has tried freeswitch with an ipsec VPN such as<br>
openswan or strongswan and what were/should-be the settings (eg transport-<br>
mode, tunnel-mode etc), results and requirements vis a vis cpu-power,<br>
network-speed etc etc<br>
<br>
all hints and suggestions welcomed<br>
thanks in advance<br>
sibu xolo<br>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
</blockquote></div><br>
<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div>