Table of Contents
Advertisement
The predefined H.323 service objects in the default configuration for NetDefendOS 11.03 and
later already have their Protocol property set to be H.323. This will not be true where
NetDefendOS has been upgraded to version 11.03 or later.
H.323 Settings
Both the H.323 ALG object (for IP Rules) and the VoIP Profile (for IP Policies) objects allow the
following property settings to be configured:
•
Allow TCP Data Channels
This option allows TCP based data channels to be negotiated. Data channels are used, for
example, by the T.120 protocol.
•
Max TCP Data Channels
The maximum number of TCP data channels can be specified.
•
Gatekeeper Registration Lifetime
The gatekeeper registration lifetime can be controlled in order to force re-registration by
clients within a certain time. A shorter time forces more frequent registration by clients with
the gatekeeper and less probability of a problem if the network becomes unavailable and the
client thinks it is still registered.
•
Translate Addresses
The default value for address translation is Automatic. If set to Specific, a particular network
and IP address can be set. If not enabled then no address translation will be done on logical
channel addresses and the administrator needs to be sure about IP addresses and routes
used in a particular scenario.
•
Network and IP Address
This option is available if the Translate Address option is set to Specific. For NATed traffic,
the Network specifies what is allowed to be translated. The IP Address specifies which IPv4
address to NAT with. If Translate Addresses is to Automatic, the external IP address is found
automatically through route lookup.
H.323 Service Object Setup
Presented next are some examples of H.323 setup. For each setup, a Service object is used. The
properties of the Service objects created for H.323 should be as follows:
•
H.323 Service - Type: TCP, Destination port: 1720
•
H.323 Gatekeeper Service - Type: UDP, Destination port: 1719
There are predefined Service objects in NetDefendOS which are called h323 and h323-gatekeeper
and these could be used instead of the custom Service objects used in the example. However, if
using these objects with an IP Policy, it should be checked that the Protocol property of the
Service is set to H.323. This is automatically true for the default configuration of NetDefendOS
11.03 or later but not true for upgrades from versions prior to 11.03.
481
Chapter 6: Security Mechanisms
- Quick Links:
- User Manual
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
