So I'm going to be installing my first Session Border Controller and I have a Netvanta 3430 w/ SBC (50 calls) on the way. I have a phone system that is currently on the LAN working with SIP trunks provided by the provider. We are now adding ip phones and will need to add the SBC to get those working with the SIP trunks. I understand the phone system (172.16.1.x) will communicate with the Adtran interface (172.16.1.x), but I have a question about the other 3430 interface that will need to communicate with the SIP trunks. Can that interface be behind the existing router (172.16.1.x) or does it need it's own public ip address?
I can't recommend strongly enough that the interface of the SBC facing the SIP trunks of the carrier have a public IP not behind any existing firewall. The SBC essentially is a firewall for VoIP.
There are so many things that can go wrong doing it any other way. Even if you can get it to work now, something will change in the future such as newer protocols, someone upgrading firewall software, etc that will break things in weird, intermittent, and unpredictable ways.
This is especially true if your firewall does NAT or is managed by a different entity than you. Unmitigated disaster in the making with weeks of blamestorming.
I can't recommend strongly enough that the interface of the SBC facing the SIP trunks of the carrier have a public IP not behind any existing firewall. The SBC essentially is a firewall for VoIP.
There are so many things that can go wrong doing it any other way. Even if you can get it to work now, something will change in the future such as newer protocols, someone upgrading firewall software, etc that will break things in weird, intermittent, and unpredictable ways.
This is especially true if your firewall does NAT or is managed by a different entity than you. Unmitigated disaster in the making with weeks of blamestorming.
Thank you