HI, i have a client site which ive deployed a mikrotik ax2 and installed ZT on it before linking it up with my ZT cloud router console. My issue here is, i cannt install another ZT client onto the propriatory sip server so my plan is to tunnel my traffic via the local mikrotik thorugh to a server at the datacenter using ZT and then breakout from there to the voip server. What im trying to achieve by doing this is to provide a static IP to the mikrotik via ZT, encrypt the traffic between the Mikrotik and the voip server so as to avoid ISP rules like shaping etc. This use to work easy by setting up an openvpn server in the cloud and then tunnelling to that before breaking out but now ive dropped all the ovpn infra in favour of ZT which works beautifully except for this one segment of my voip networking. im lost as to what server to deploy in the cloud to mimmic what the openvpn server used to do before. Any help or advice would be greatly appreciated.
Use WireGuard for this.
Hi Andrew, thank you for this. And the point of it tunneling to avoid the ISP identifying the traffic which their rules apply to, would this still stand with wireguard?
Yes, they cannot identify the payload sent within the encrypted tunnel (like SIP and RTP in your case), however they potentially can block/shape/etc. the tunnel (ZT, WG, OpenVPN, etc.) itself.
1 Like
Thank you for understanding my need and being on target with your reply.