Setting Up IpSec VPN on TB

maayan1
Posts: 30
Member Since:
2007-07-03

Although I've used trixbox for almost 2 years now and have managed to make my way through the unknown world of Linux (to me at least), I wish now to expand my business's box to include outside extensions.

Can someone please point me to or explain a how-to guide on installing and configuring IPSec on TB? (Something in the way of a "For Dummies" sort of guide would be very much appreciated :)...

I have installed and used Hamachi, but I need a more available VPN solution that I can configure a smart cell phone to use (for example).

Thanks a lot



maayan1
Posts: 30
Member Since:
2007-07-03
anyone?



wisey
Posts: 22
Member Since:
2007-03-02
Although not what you are looking for, I would look at pfSense (www.pfsense.org) to implement a firewall/VPN server setup. I don't like to keep all my eggs in one basket!

Regards



SkykingOH
Posts: 9678
Member Since:
2007-12-17
Did you search IPSec and Linux and look at all the packages? Why people think trixbox is different is beyond me.

I think a phone system is the wrong place to run a VPN also. When Cisco PIXes go for under $50 on eBay, it seems silly.

You can also use an old machine and pfSense, all depends on what you like.

Let me ask you this: forget the Linux, are you able to set up a typical VPN on a router or a firewall? If not, you will be lost on Linux.

--

Scott

aka "Skyking"



IcelandDreams
Posts: 415
Member Since:
2007-09-11
Agreed that VPN is best done at the border router. Most firewalls make that process much easier than doing it at the system level of a Linux box without a VPN-specific GUI tool. However, if I had VoIP endpoints with VPN I'd go right to the PBX if I could: end-to-end encryption. None of my phones have onboard VPN, but phones on remote networks work very well over a net-net VPN.
Doing IPSEC on a trixy box isn't a "Dummies" type of thing. Do it on the firewall designed to run VPNs. $0.02



maayan1
Posts: 30
Member Since:
2007-07-03
Thanks for all the responses. To answer some of the questions:
- I've looked at IPSec and Linux on Google, but for someone with limited knowledge of Linux I find that most of the time when things don't work it is because of some "minor" definitions/security issues. That was why I hoped someone is familiar with a guide similar to "trixbox without tears", which was very helpful for making the first steps into Linux and Asterisk.

- I am not familiar with hardware solutions, nor have I implemented VPN connections in the past (except Hamachi)... nevertheless I believe it is within my capabilities, and I understand and have worked with various firewalls and security hardware/applications.

Let me elaborate on my problem and perhaps someone can give an idea on solving this:
Where I live there is a telephony/Internet supplier that gives you a router through which you get Internet (they are your ISP) and two analog FXO lines. The communication between the router and the provider is through SIP, so the provider seizes the ports used for SIP, and using TB 2.2.4 I haven't been able so far to change the ports used by TB without harming my configuration.
I know the whole thing is pretty dumb: TB (digital) through Rhino4FXO (analog) to router and provider (digital), but they won't allow a direct SIP link to them and their prices are unbeatable... :(

To sum up - VPN seems to be the necessary solution which will let me connect remote extensions while not being blocked by the provider. Will software VPN deteriorate my TB that badly? Any other solutions?
Thanks



wisey
Posts: 22
Member Since:
2007-03-02
Without seeing details of your router it's hard to say, but it may be possible to map the ports your remote clients need to a range that your ISP hasn't blocked. Whereabouts do you live and which provider do you use? With pfSense there are some good guides available to help you implement a VPN solution.

pfSense is much like trixbox in that it is an open source solution and will happily run on an old PC.

Regards



IcelandDreams
Posts: 415
Member Since:
2007-09-11
I think he is stuck with the router he was provided if he wants to use their lines (FXO ports). The question is if he can do *any* configuration on the router. If you can and there are basic port forwarding options I would port forward an odd port such as 5062 and map it to port 5060 and point to the internal trixbox. That way you only have to change the phone to use 5062 which should be easy. Much like you would bypass an ISP port 80 filter yet use port 80 at the server.

If he can't configure the router then it simply won't work for a remote phone since he won't be able to port forward anything. Going from the inside shouldn't be a problem unless the ISP blocks SIP which isn't very likely.

If your remotes are on a remote network that allows you to configure a VPN then there is hope but again this isn't a simple task without previous experience. If by chance your provider is a cable modem then you might be able to run two firewalls with one being available for normal SIP/IAX port forwarding.



maayan1
Posts: 30
Member Since:
2007-07-03
Thanks for all the replies.

I used the port forwarding on the router to configure an "odd" port like IcelandDreams suggested and it worked great with a softphone.
I now have the somewhat common problem of calls disconnected after 20 sec, but I am looking for a solution to this (although a few people posted the issue, I haven't seen a solution).
I will check out pfSense also, because leaving TB with the SIP and RTP ports "open to the public" seems too big of a risk for my taste....

All of you have been very helpful
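
Added example (editor's illustration, not written by any poster in this thread): one way to avoid leaving the forwarded SIP port and the RTP ports open to everyone is to accept them on the PBX only from known source addresses. The function name `sip_allow_rules`, the RTP range 10000-20000 (Asterisk's default `rtp.conf` range) and all addresses are assumptions or constructed samples, and it assumes the router's 5062-to-5060 forward leaves the caller's source address intact.

```shell
#!/bin/sh
# Added example: print iptables rules that limit SIP and RTP on the PBX
# to an allowlist of source addresses. Nothing is applied here; the
# output is meant to be reviewed before it is loaded.

SIP_PORT=5060            # internal port the router maps 5062 to (from the thread)
RTP_RANGE=10000:20000    # assumption: Asterisk default rtp.conf range, unchanged

# sip_allow_rules LAN_CIDR REMOTE_ADDR...   (hypothetical helper name)
sip_allow_rules() {
    lan="$1"; shift
    # Keep replies to the PBX's own outbound traffic and the local LAN working.
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "-A INPUT -s $lan -p udp --dport $SIP_PORT -j ACCEPT"
    echo "-A INPUT -s $lan -p udp --dport $RTP_RANGE -j ACCEPT"
    for src in "$@"; do
        # Skip anything that is not a plain IPv4 address or CIDR block.
        case "$src" in
            *[!0-9./]*|"") echo "skipping invalid source: $src" >&2; continue ;;
        esac
        echo "-A INPUT -s $src -p udp --dport $SIP_PORT -j ACCEPT"
        echo "-A INPUT -s $src -p udp --dport $RTP_RANGE -j ACCEPT"
    done
    # Any other sender aiming at SIP or RTP is dropped.
    echo "-A INPUT -p udp --dport $SIP_PORT -j DROP"
    echo "-A INPUT -p udp --dport $RTP_RANGE -j DROP"
}

# Constructed sample values (documentation address ranges).
sip_allow_rules 192.168.1.0/24 203.0.113.25 198.51.100.0/28
```

A softphone on a changing address cannot be allowlisted this way, which is the case where the VPN discussed above is the better fit.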


