D-Link DFL-2500 User Guide - Page 180
H.323 ALG Configuration
View all D-Link DFL-2500 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 180 highlights
18.4. H.323 161 • NAT, SAT The H.323 ALG supports version 5 of the H.323 specification. This specification is built upon H.225.0 v5 and H.245 v10. In addition to support voice and video calls, the H.323 ALG supports application sharing over the T.120 protocol. T.120 uses TCP to transport data while voice and video is transported over UDP. To support gatekeepers, the ALG makes sure to monitor RAS traffic between H.323 endpoints and the gatekeeper, in order to configure the firewall to let calls through. NAT and SAT rules are supported, allowing clients and gatekeepers to use private IP addresses on a network behind the firewall. 18.4.5 Scenarios: H.323 ALG Configuration The H.323 ALG can be configured to suit different usage scenarios. It is possible to configure if TCP data channels should be allowed to traverse the firewall or not. TCP data channels are used by the T.120 protocol (see 18.4.3), for instance. Also, the maximum number of TCP data channels can be limited to a fixed value. The gatekeeper registration lifetime can be controlled by the firewall in order to force re-registration of clients within a time frame specified by the administrator. Presented here are a few network scenarios, visualized in network diagrams. The scenarios are examples of network setups where the H.323 ALG is suitable to use. For each scenario a configuration example of both the ALG and the rules are presented. The three service definitions used in these scenarios are: • Gatekeeper (UDP ALL → 1719) • H323 (H.323 ALG, TCP ALL → 1720) • H323-Gatekeeper (H.323 ALG, UDP → 1719) D-Link Firewalls User's Guide