2nd Network card

adabbas
Posts: 191
Member Since:
2008-11-19

Hello everyone,

I’ve read some posts in the past saying that when you have two network cards on your server, trixbox will enable DHCP and some other services on one of them by default. What kind of services??

What are the benefits of having two network cards? I’ve noticed that the trixbox appliance has two?

I was thinking of using one network card for my local phones VLAN, and the other for ATA(s) and SIP/IAX2 trunks to the outside world. Is that a good idea?? Any guidelines or documentation about how to use it??

Or is it simply good enough to put my ATA(s) in their own VLAN and use a router between the phones VLAN and the ATA(s) VLAN??



cvander
Posts: 637
Member Since:
2006-06-26
Second NIC can be useful

Adabbas,

I use 2 NICs in most of my setups. 1 NIC for my internal LAN and any necessary VLAN for the phones, and another one for my external callers and SIP trunking. It allows me to keep a tighter grip on security. The NIC for the internal LAN is connected directly to one of my office core switches, while my second NIC is connected to my Perimeter Network. The perimeter network is behind a pfsense firewall running 1:1 NAT with firewall rules. In addition, I'm also running apf/bfd and fail2ban on the trixbox itself. Using this combination, I've been able to successfully detect system attacks, including SIP scanning, and cut it off at the perimeter. In the event they do compromise the perimeter box, my internal network is still isolated, since I've disabled routing on the trixbox. There is nothing different about the initial config of your box, you'll just have 2 NICs, and will have to decide how secure you want to make your systems.

-Chris
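
An added example, not part of the post above or of trixbox's own tooling: a shell check for the two properties that setup relies on, that the host does not route between its NICs and that only the intended ports are reachable on the perimeter NIC. The addresses, the allowed ports (5060 for SIP, 4569 for IAX2) and the listener table are constructed sample data.

```shell
#!/usr/bin/env bash
# Added example: audit a dual-homed PBX host. All addresses and the listener
# table are constructed sample data, not values from the thread.

# Succeeds only if the kernel flag says IPv4 forwarding (routing) is off.
# $1: flag file to read (defaults to the live kernel value).
forwarding_disabled() {
    local flag_file
    flag_file="${1:-/proc/sys/net/ipv4/ip_forward}"
    [ "$(cat "$flag_file" 2>/dev/null)" = "0" ]
}

# Prints "proto address:port" for each listener reachable on the perimeter NIC
# (bound to that NIC's address or to a wildcard) whose port is not allowed.
# $1: perimeter NIC address   $2: space-separated allowed ports
# stdin: `netstat -lnut` style lines
exposed_listeners() {
    awk -v ip="$1" -v allowed=" $2 " '
        $1 ~ /^(tcp|udp)6?$/ {
            n = split($4, parts, ":")
            port = parts[n]
            addr = substr($4, 1, length($4) - length(port) - 1)
            if (addr != "0.0.0.0" && addr != "::" && addr != ip) next
            if (index(allowed, " " port " ") == 0) print $1, $4
        }'
}

# Constructed listener table: 192.168.10.5 is the internal NIC,
# 10.0.50.5 is the perimeter NIC.
SAMPLE_LISTENERS='Proto Recv-Q Send-Q Local Address  Foreign Address  State
tcp  0  0  0.0.0.0:80        0.0.0.0:*  LISTEN
tcp  0  0  192.168.10.5:22   0.0.0.0:*  LISTEN
udp  0  0  0.0.0.0:67        0.0.0.0:*
udp  0  0  192.168.10.5:69   0.0.0.0:*
udp  0  0  0.0.0.0:5060      0.0.0.0:*
udp  0  0  10.0.50.5:4569    0.0.0.0:*'

# Listeners the perimeter side can reach besides SIP and IAX2.
printf '%s\n' "$SAMPLE_LISTENERS" | exposed_listeners 10.0.50.5 "5060 4569"

if forwarding_disabled; then
    echo "forwarding: off"
else
    echo "forwarding: not confirmed off"
fi
```

On a live host, pipe `netstat -lnut` into `exposed_listeners` instead of the sample table; anything it prints is bound to a wildcard or to the perimeter address and needs either a bind-address change or a firewall rule.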



adabbas
Posts: 191
Member Since:
2008-11-19
This sounds way more advanced than I was looking for, maybe someday soon I will get to that. Thanks for your response, I was actually after some guidelines or documentation with sample configurations :)

I am using Vyatta for my firewall, which is another great open source router. It seems that I am getting way ahead of myself with this stuff, and it seems that I need to study more Linux basics before I go deeper into trixbox.



cvander
Posts: 637
Member Since:
2006-06-26
Adabbas,

Don't let the jargon scare you. There's lots of great documentation on installing fail2ban and apf/bfd around in the forums. Engineer Tim's website also has good documentation on apf/bfd, as well as other great security recommendations.

If you want to get deeper into it, send me a PM, and I can assist you with the design.

-Chris



adabbas
Posts: 191
Member Since:
2008-11-19
Thanks a lot that is a really generous offer, I better start reading about it then, and will PM you when I am a bit more ready.



jordanlcn
Posts: 1
Member Since:
2009-03-18
Same Setup

I would like to know what needs to be done on the Trixbox side of the pond. Meaning what needs to be changed from the default setup to make it work on 2 NIC Sources. 1 nic for internal Phones and another NIC for external Extensions and/or SIP trunks.


