Issue 6.0 NEC SL1100
6 - 8 Network Design Considerations
Some solutions, such as the hub replacement and integration of QoS, are
done behind the scenes and should have no effect on the voice application.
Other solutions such as NAT and Firewall cause major disturbance to VoIP.
4.2 Firewall Integration
Network security is always a concern when connecting the Local Area
Network (LAN) to the Wide Area Network (WAN). There are many ways to
integrate security in the network – the most popular are Firewalls and Proxy
servers.
Firewalls
Firewalls can be implemented in both hardware and software, or a
combination of both. Firewalls are frequently used to prevent
unauthorized Internet users from accessing private networks connected
to the Internet, especially Intranets. All messages entering or leaving the
Intranet pass through the firewall, which examines each message and
blocks those that do not meet the specified security criteria.
Proxy Server
Proxy server intercepts all messages entering and leaving the network.
The proxy server effectively hides the true network address.
What should be noted is that no matter which security measure is
implemented, the VoIP must have TCP/UDP ports open in the security wall
(e.g., firewall/proxy) for the media and control streams to flow. If any point in
the network prevents the ports from flowing from end-to-end, the VoIP
application does not work.
The ports that need to be open on the firewall/proxy vary depending on the
particular application being used. A list of these ports is shown below, however
it should be noted that the preferred solution would be to allow all ports on the
NEC SL1100 device to be open, or to place the NEC SL1100 outside of the
firewall.
Applications Rx Port
NEC SL1100
Programming
PC Programming 8000 90-54-02
Web Programming 80 90-54-01
DHCP Server 67
SIP MLT Listening Port 5080
5081
10-46-06
10-46-13
SIP Trunk Listening Port 5060 10-29-04
SIP Single Line Stations 5070 84-20-01
Realtime Transport Protocol 10020~10082 84-26-01
To Next Page
Loading...
