1. Go to: Policies > Firewalling > Main IP Rules > Add > IP Rule
2. Now enter:
• Name: H323AllowOut
• Action: Allow
• Source Interface: lan
• Source Network: lannet
• Destination Interface: any
• Destination Network: all-nets
• Service: my_h323_service
• Comment: Allow outgoing H.323 calls.
3. Click OK
Create an IP rule for incoming H.323 traffic:
1. Go to: Policies > Firewalling > Main IP Rules > Add > IP Rule
2. Now enter:
• Name: H323AllowIn
• Action: Allow
• Source Interface: any
• Source Network: all-nets
• Destination Interface: lan
• Destination Network: lannet
• Service: my_h323_service
• Comment: Allow incoming H.323 calls.
3. Click OK
Example 6.10. Protecting Internal H.323 Phones Using IP Policy Objects
This example repeats the previous example but uses IP Policy objects instead of IP Rule objects.
This means that an H.323 ALG object cannot be used and a VoIP Profile object is created instead
and this is associated with the IP Policy.
Note that the Service object used must have its Protocol property set to be H.323.
Web Interface
Chapter 6: Security Mechanisms
483
To Next Page
Loading...
