• Action: Allow
• Service: H323
• Source Interface: lan
• Destination Interface: any
• Source Network: lannet
• Destination Network: 0.0.0.0/0 (all-nets)
• Comment: Allow outgoing calls
3. Click OK
Incoming Rule:
1. Go to: Rules > IP Rules > Add > IPRule
2. Now enter:
• Name: H323AllowIn
• Action: Allow
• Service: H323
• Source Interface: any
• Destination Interface: lan
• Source Network: 0.0.0.0/0 (all-nets)
• Destination Network: lannet
• Comment: Allow incoming calls
3. Click OK
Example 6.7. Using Private IPv4 Addresses
This scenario consists of two H.323 phones, each one connected behind the NetDefend Firewall on a network
with private IPv4 addresses. In order to place calls on these phones over the Internet, the following rules need to
be added to the rule set in the firewall. Make sure there are no rules disallowing or allowing the same kind of
ports/traffic before these rules.
As we are using private IPs on the phones, incoming traffic need to be SATed as in the example below. The
object ip-phone should be the internal IP of the H.323 phone behind each firewall.
Web Interface
Outgoing Rule:
1. Go to: Rules > IP Rules > Add > IPRule
2. Now enter:
• Name: H323Out
• Action: NAT
• Service: H323
• Source Interface: lan
• Destination Interface: any
• Source Network: lannet
6.2.9. The H.323 ALG Chapter 6. Security Mechanisms
308
To Next Page
Loading...
