Newbie question about SPI firewall

Discussion in 'Tomato Firmware' started by grpprod, Jul 31, 2007.

  1. grpprod

    grpprod LI Guru Member

    I am using Tomato firmware, and it works fine. What I would like is help with the following. Please all forgive me if this a simple issue, but I am rather new with this.

    1. I do not use WRT's NAT/WAN capabilities. My network is directly connected to the Internet with routable IPs.

    2. What I want to ask is whether it's possible to apply the SPI firewall also to the LAN ports. I understand that by default packet filtering takes place between the WAN and the LAN interfaces. In other words, I need some kind of 'transparent' firewalling.

    I would appreciate some help/comments.
  2. ifican

    ifican Network Guru Member

    Not possible that i am aware of with that device, there are lots of others on the market that are capable of doing that but when a firewall goes into transparent mode it always takes away some of its inherent abilities. Depending on how many ip's you have and how many you need you could potentially run it as a router, i think you can leave th firewall on but am not certain of that and would have to check.
  3. grpprod

    grpprod LI Guru Member


    Basically, I would love running in NAT mode. The only reason I don't , is that I have a couple of Cisco IP phones. They use (I think) SCCP.

    I tried (with the original Linsys firmware, and also with DD-WRT, using port forwarding etc.) to make them work behind NAT, but that was impossible. Still haven't tried Tomato, though. So if anyone has achieved this please post a comment.
  4. ifican

    ifican Network Guru Member

    Are you running call manager locally or remotely? Also you could get a switch, ip the phones with outside ip's and run the rest of your network behind the router.
  5. dvaskelis

    dvaskelis Network Guru Member

    Here's the top Google result: SCCP Phone through NAT
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice