Hi
I have a PBX behind a Mikrotik RB2011 and it has been protected by restricting inbound NAT to Voip Provider IP addresses only so no need for firewalling the traffic as such.
They now want to have personal mobile phones of the staff use SIP apps (3CX system) to dial out from their extensions when they are on the go. Which means having to open the ports to public ip addresses which is obviously a massive security risk.
I would like to restrict the NAT inbound to MAC addresses of the mobiles or something like that. Anyone know if this is possible on the RB2011 or if there is another cunning way to lock NAT forwarding down to a bunch of mobiles and VoIP providers only.
thanks