I have a webserver on my network. When I installed a VoIP box, it broke outside access to my webserver. Here is how I fixed it; I offer these comments in the hope that someone else may benefit. These comments are specific to the D-Link DVG-1220M VoIP router, but the concept should apply to other hardware as well, assuming the VoIP router can be configured to do port forwarding.
I had a setup like this:
---> cablemodem ---> broadbandrouter -> webserver
Under this config, the broadbandrouter was getting its IP address from the cablemodem (and it was publically routable address, so the world could see that IP). The webserver has a 192.168 private address, but the broadbandrouter port-forwarded #80 to the webserver, so it worked even though the IP address of the webserver is not routable.
I added a VoIP box (D-Link DVG-1120M), which fits in like this:
---> cablemodem ---> VoIP -> broadbandrouter -> webserver
This broke public access to the webserver. The problem is that the VoIP box takes the public IP from the cablemodem and assignes (via DHCP) a private address to the downstream client (the broadbandrouter) and NATs the traffic. That's fine for my hone network computers to get OUT to the internet, but it breaks the routing of internet web users trying to get IN to my webserver.
To get it to work, it was simply a matter of configuring port forwarding on the VoIP box (so VoIP port-forwards to the broadbandrouter which port-forwards to the webserver). Browse to the VoIP box (192.168.15.1 by default) to enter the VoIP config panel. Under the "NAT Configuration" folder select "Virtual Server Configuration." Edit the first item. Use protocol TCP, global port 80, local port 80, serverIP 192.168.15.225 (see below) and state Enabled. Save it. Do the same for port 443 if you want to do HTTPS and port 22 if you want SSH. You could open up FTP also, if you like getting 0wn3d (scp or sftp is much better than ftp).
It's important that the downstream box (the broadbandrouter) always has the same IP address. This might not happen under the default VoIP config, because it assignes the downstream address via DHCP, so it might not always be the same. You could force the address, but I preferred to solve the problem by going to Dynamic IP assignment (under DHCP configuration) and setting the Start IP Address to 192.168.15.225 and the IP Range to 1. This allows me to leave the broadband router alone (allowing it to pull its WAN address via DHCP) but insures the broadbandrouter will always be assigned
192.168.15.225, so our port forwarding rules always work.Reboot your VoIP box, renew the DCHP lease on your broadbandrouter, and you're back in business.
Cheers!