1
My VOIP provider uses a device to supply the service. The device is on my side of my router and part of my LAN. He requires I forward a very large range of ports to his device (something like 5000 to 65000). I asked if this compromises the security of the rest of my LAN he said no, but he can't sell me his service if he says yes. So, I'm asking here whether it does or not.
From the little I understand about port forwarding I think an intruder can only reach the the device assigned this IP address. If that's so the question becomes, can the intruder use their device to network to my LAN and thus reach my other computers?
Verify if the device supports UPnP. If it does then forwarding ports isn't required. – Ramhound – 2014-02-06T23:09:24.770
I use a VoIP provider with modern equipment (8x8.com) and they have no such requirement. They do, however, recommend setting QoS rules for a few ports to prioritize VoIP traffic above all others (locally). Are you in a position to use a hosted VoIP service instead if one that requires such holes? I wouldn't allow it myself unless my VoIP LAN was separate from my data LAN. – Brian Adkins – 2014-02-06T23:46:30.953