D-Link DFL-260E User Manual for DFL-260E - Page 293
SIP Media-related Protocols, NetDefendOS SIP Setup, SIP ALG Options, clients, user agent, REGISTER
View all D-Link DFL-260E manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 293 highlights
6.2.8. The SIP ALG Chapter 6. Security Mechanisms The following components are the logical building blocks for SIP communication: User Agents Proxy Servers Registrars These are the end points or clients that are involved in the client-to-client communication. These would typically be the workstation or device used in an IP telephony conversation. The term client will be used throughout this section to describe a user agent. These act as routers in the SIP protocol, performing both as client and server when receiving client requests. They forward requests to a client's current location as well as authenticating and authorizing access to services. They also implement provider call-routing policies. The proxy is often located on the external, unprotected side of the NetDefend Firewall but can have other locations. All of these scenarios are supported by NetDefendOS. A server that handles SIP REGISTER requests is given the special name of Registrar. The Registrar server has the task of locating the host where the other client is reachable. The Registrar and Proxy Server are logical entities and may, in fact, reside on the same physical server. SIP Media-related Protocols A SIP session makes use of a number of protocols. These are: SDP Session Description Protocol (RFC4566) is used for media session initialization. RTP Real-time Transport Protocol (RFC3550) is used as the underlying packet format for delivering audio and video streaming via IP using the UDP protocol. RTCP Real-time Control Protocol (RFC3550) is used in conjunction with RTP to provide out-of-band control flow management. NetDefendOS SIP Setup When configuring NetDefendOS to handle SIP sessions the following steps are needed: • Define a single Service object for SIP communication. • Define a SIP ALG object which is associated with the Service object. • Define the appropriate IP rules for SIP communications which use the defined Service object. SIP ALG Options The following options can be configured for a SIP ALG object: Maximum Sessions per ID The number of simultaneous sessions that a single client can be involved with is restricted by this value. The default number is 5. Maximum Registration Time The maximum time for registration with a SIP Registrar. The default value is 3600 seconds. SIP Signal Timeout The maximum time allowed for SIP sessions. The default 293