I’ve got a pair of voice-over-IP boxes. You can plug an analog phone into them, and you get a dial tone; you can program numbers to dial, and associate them with external IP addresses. If used on an internal network, you get very high-quality voice communication - indistinguishable from telephones.
Now I’d like to use these two boxes between two locations.
Here’s where things get tricky.
At one location, I have a pretty standard home set-up: a NATting firewall/router that gets a public IP address from the ISP (66.x.x.x), and has a private IP on the back end (192.168.x.x).
Fortunately, my router here permits both trigger ports and a DMZ. So I can figure out what IP ports the VOIP device uses, and set my router to direct traffic on those ports to the VOIP device. Indeed, I could even define the VOIP device as my DMZ machine (all incoming traffic goes there) since I’m not worried about anything like an undiscovered RPC vulnerability on a box that’s not really running an OS in the traditional sense.
If the other side looked like that, then this post would not be written.
The other side of the equation ALMOST looks like that. It, too, has an ISP and a NATting firewall/router. But here’s the catch: the IP address assigned to the public side of that router by that ISP is 10.x.x.x! In other words, the ISP is handing out private IPs, and IT is doing some address translation somewhere down the line.
So I’m flummoxed. I can’t tell the ISP to set up trigger ports to me. I can’t capture incoming traffic.
So my thoughts turn to setting up some sort of VPN/tunnelling system.
How can I do this?
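Added example, not part of the original post: a short Python sketch that classifies each site's router WAN address and works out which end of a tunnel can accept an inbound connection and which end has to dial out. The site names and the two sample addresses are constructed stand-ins for the post's 66.x.x.x and 10.x.x.x addresses, and `classify_wan` and `plan_tunnel` are hypothetical helper names.

```python
import ipaddress

# IPv4 blocks that are not routable on the public Internet. A router whose
# WAN interface holds one of these sits behind another NAT further upstream.
NON_ROUTABLE = {
    "10.0.0.0/8": "RFC 1918 private",
    "172.16.0.0/12": "RFC 1918 private",
    "192.168.0.0/16": "RFC 1918 private",
    "100.64.0.0/10": "RFC 6598 carrier-grade NAT shared space",
}


def classify_wan(addr):
    """Return (reachable, reason) for a router's WAN-side IPv4 address."""
    ip = ipaddress.ip_address(addr)
    if ip.version != 4:
        raise ValueError("this sketch only handles IPv4 WAN addresses")
    for cidr, label in NON_ROUTABLE.items():
        if ip in ipaddress.ip_network(cidr):
            return False, f"{addr} is in {cidr} ({label}): upstream NAT, local port forwards see no inbound traffic"
    return True, f"{addr} is publicly routable: the local router can forward a port"


def plan_tunnel(site_a, site_b):
    """Pick listener and initiator. Each site is a (name, wan_address) tuple."""
    (name_a, wan_a), (name_b, wan_b) = site_a, site_b
    ok_a, why_a = classify_wan(wan_a)
    ok_b, why_b = classify_wan(wan_b)
    plan = {"listener": None, "initiator": None, "relay_needed": False,
            "notes": [why_a, why_b]}
    if ok_a:
        # A can accept inbound connections; B dials out through its NAT(s).
        plan.update(listener=name_a, initiator=name_b)
    elif ok_b:
        plan.update(listener=name_b, initiator=name_a)
    else:
        # Neither side is reachable: both must dial out to a third host.
        plan["relay_needed"] = True
    return plan


if __name__ == "__main__":
    # Constructed sample addresses, not the poster's real ones.
    result = plan_tunnel(("home", "203.0.113.10"), ("remote", "10.20.30.40"))
    print(result["listener"], "listens;", result["initiator"], "initiates")
    for note in result["notes"]:
        print(" -", note)
```

With the listener chosen this way, only the single tunnel port needs forwarding on the publicly addressed router, so the VoIP device does not have to be placed in the DMZ.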