Chapter 4. Network Configuration
First, the Telecommuting Module must be configured to be aware of the network in which it operates. This is performed on the Network Configuration pages. The important pages for getting started are Telecommuting Module Type, Interface (Network Interface 1 and 2), Default Gateway, Networks and Computers and (for the DMZ Telecommuting Module Type) Surroundings.
You will also need to add DNS configuration on the Basic Configuration page under Basic Configuration
Telecommuting Module Type
The Telecommuting Module can be connected to your network in different ways, depending on your needs. On this page, you state what configuration you have.
DMZ Configuration
Using this configuration, the Telecommuting Module is located on the DMZ of your firewall, and connected to it with only one interface. The SIP traffic finds its way to the Telecommut- ing Module using DNS or by setting the Telecommuting Module as an outbound proxy on the clients.
This is the most secure configuration, since all traffic goes through both your firewall and your Telecommuting Module. It is also the most flexible, since all networks connected to any of your firewall’s interfaces can be
The drawback is that the SIP traffic will pass the firewall twice, which can decrease perfor- mance.
On your firewall, you need to open the SIP port (normally UDP port 5060) and a range of UDP ports for RTP traffic between the Telecommuting Module and the Internet as well as between the Telecommuting Module and your internal networks. The SIP traffic finds its way to the Telecommuting Module using DNS or by setting the Telecommuting Module as an outbound proxy on the clients.
The firewall mustn’t use NAT for the traffic between the Telecommuting Module and your internal networks or for the traffic between the Telecommuting Module and the Internet. However, the Telecommuting Module can itself use NAT for traffic to the Internet.
You need to declare your internal network topology on the Surroundings page.
17