<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: RE: tunnel net2phone, MSN and Yahoo voice chat over cipe
From: Tony Langdon <tlangdon,AT,atctraining,DOT,com,DOT,au>
Date: Fri, 18 Oct 2002 07:23:02 +0200

> Recently, our ISP has decided to block Net2phone, MSN, Yahoo 
> and other 
> voice-based chatting and telephony services. We have a CIPE 
> link setup 
> between our Lahore, Pakistan office and our Boston office. The Lahore 
> office has a DSL link to the Internet with a fixed IP. The 
> Boston office 
> has a high speed internet DSL link from Qwest. Cipe is 
> running on Redhat 
>  linux in both offices. Is it possible to tunnel Net2phone, MSN etc. 
> traffic through the CIPE link and have the voice packet go out on the 
> Internet from our Boston office instead of the Lahore office? If this 
> were possible, the local ISP will only see CIPE UDP packets going to 
> Boston. The Boston linux machine would pull out the voice packets, 
> masquared the IP address (we use 192.168 address on the 
> internal network 
> in Lahore) and send the packet off to Internet. Could someone please 
> provide the necessary route entries to do this?

The answer is "it depends".  Firstly, if the service relies on an external
server for finding people/address resolution, it is harder to create a
working link.  The problem is that is your link is between the pricate
address spaces, then it will not get used, because the directory servers
will resolve the IP address of each end of the link to an external address,
which changes nothing from the status quo.

The exception to this is if you can get a tunnel between the DMZ's at each
end of the link and setup routing accordingly.  In this case, the traffic
could be made to pass through the tunnel.  Trouble here is that the tunnel
will likely be on the wrong side of the firewall to be of any use.

What you need is a VoIP application which does not rely on external servers
for anything.  A simple solution is using Netmeeting or CUSeeMe in manual
call mode - pop in the other person's (internal) IP address and traffic
should go via the VPN tunnel.  Speak Freely is useful here, as you get the
source to all the bits you need, including directory and conference servers.
This means that a complete communications system can be setup easily.

It's a pity that IPhone is no longer, as it used IRC servers for directory
lookup, so you could have setup an internal IRC server for the directory and
got a fully functioning system up (I have tried this myself, it works!).

VoIP can have its own complications.  Hope this helps a bit.

Outgoing mail has been scanned for Viruses
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.401 / Virus Database: 226 - Release Date: 9/10/2002

This correspondence is for the named person?s use only. It may contain
confidential or legally privileged information or both. No confidentiality
or privilege is waived or lost by any mistransmission. If you receive this
correspondence in error, please immediately delete it from your system and
notify the sender. You must not disclose, copy or rely on any part of this
correspondence if you are not the intended recipient.

Any opinions expressed in this message are those of the individual sender.

<< | Thread Index | >> ]    [ << | Date Index | >> ]