Create a new VoIP Profile object:
1. Go to: Policies > Firewalling > VoIP > Add > VoIP Profile
2. Specify a name for the profile, in this case my_h323_profile
3. Click OK
Create a custom Service object for H.323:
1. Go to: Objects > Services > Add > TCP/UDP
2. Now enter:
• Name: my_h323_policy_service
• Type: TCP
• Destination port: 1720
• Protocol: H.323
3. Click OK
Create an IP policy for outgoing H.323 traffic:
1. Go to: Policies > Firewalling > Main IP Rules > Add > IP Policy
2. Now enter:
• Name: H323AllowOut
• Action: Allow
• Source Interface: lan
• Source Network: lannet
• Destination Interface: any
• Destination Network: all-nets
• Service: my_h323_policy_service
• Comment: Allow outgoing H.323 calls.
3. Select the VoIP tab, enable VoIP and select my_h323_profile
4. Click OK
Create an IP policy for incoming H.323 traffic:
1. Go to: Policies > Firewalling > Main IP Rules > Add > IP Policy
2. Now enter:
• Name: H323AllowIn
• Action: Allow
Chapter 6: Security Mechanisms
484
To Next Page
Loading...
