• Type: TCP
• ALG: my_h323_alg
• Destination port: 1720
3. Click OK
Create the outgoing IP rule:
1. Go to: Policies > Firewalling > Main IP Rules > Add > IP Rule
2. Now enter:
• Name: H323Out
• Action: NAT
• Source Interface: lan
• Source Network: lannet
• Destination Interface: any
• Destination Network: all-nets
• Service: my_h323_service
• Comment: Allow outgoing H.323 calls.
3. Click OK
Create the SAT IP rules for incoming H.323 traffic:
1. Go to: Policies > Firewalling > Main IP Rules > Add > IP Rule
2. Now enter:
• Name: H323In
• Action: SAT
• Source Interface: any
• Source Network: all-nets
• Destination Interface: core
• Destination Network: wan_ip (external IP of the firewall)
• Service: my_h323_service
• Comment: Allow incoming calls to H.323 phones via ip-phone.
3. For SAT enter Translate Destination IP Address: To New IP Address: ip-phone (IP address
of phone)
4. Click OK
Chapter 6: Security Mechanisms
486
To Next Page
Loading...
