Table of Contents
Advertisement
• You do not need to use TURN (Traversal Using Relay NAT) for VoIP devices behind the Zyxel Device
when you enable the SIP ALG.
• Configuring the SIP ALG to use custom port numbers for SIP traffic also configures the application
patrol (see
Chapter 26 on page
the application patrol to use custom port numbers for SIP traffic also configures SIP ALG to use the
same port numbers for SIP traffic.
Peer-to-Peer Calls and the Zyxel Device
The Zyxel Device ALG can allow peer-to-peer VoIP calls for both H.323 and SIP. You must configure the
security policy and NAT (port forwarding) to allow incoming (peer-to-peer) calls from the WAN to a
private IP address on the LAN (or DMZ).
VoIP Calls from the WAN with Multiple Outgoing Calls
When you configure the security policy and NAT (port forwarding) to allow calls from the WAN to a
specific IP address on the LAN, you can also use policy routing to have H.323 (or SIP) calls from other LAN
or DMZ IP addresses go out through a different WAN IP address. The policy routing lets the Zyxel Device
correctly forward the return traffic for the calls initiated from the LAN IP addresses.
For example, you configure the security policy and NAT to allow LAN IP address A to receive calls from
the Internet through WAN IP address 1. You also use a policy route to have LAN IP address A make calls
out through WAN IP address 1. Configure another policy route to have H.323 (or SIP) calls from LAN IP
addresses B and C go out through WAN IP address 2. Even though only LAN IP address A can receive
incoming calls from the Internet, LAN IP addresses B and C can still make calls out to the Internet.
Figure 238 VoIP Calls from the WAN with Multiple Outgoing Calls
VoIP with Multiple WAN IP Addresses
With multiple WAN IP addresses on the Zyxel Device, you can configure different security policy and NAT
(port forwarding) rules to allow incoming calls from each WAN IP address to go to a specific IP address
on the LAN (or DMZ). Use policy routing to have the H.323 (or SIP) calls from each of those LAN or DMZ IP
addresses go out through the same WAN IP address that calls come in on. The policy routing lets the
Zyxel Device correctly forward the return traffic for the calls initiated from the LAN IP addresses.
For example, you configure security policy and NAT rules to allow LAN IP address A to receive calls
through public WAN IP address 1. You configure different security policy and port forwarding rules to
allow LAN IP address B to receive calls through public WAN IP address 2. You configure corresponding
Chapter 14 ALG
496) to use the same port numbers for SIP traffic. Likewise, configuring
ZyWALL ATP Series User's Guide
348
- Quick Links:
- Web Configurator
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
Related Manuals for ZyXEL Communications ZyWall ATP series
Related Products for ZyXEL Communications ZyWall ATP series
- ZyXEL Communications ZyWALL USG Series
- ZyXEL Communications ZyWALL 310
- ZyXEL Communications ZyWALL 310 Series
- ZyXEL Communications ZyWall ZLD Series
- ZyXEL Communications ZLD
- ZyXEL Communications ZyWALL ATP Series
- ZyXEL Communications ZyWALL 10
- ZyXEL Communications Internet Security Appliance ZyWALL5UTM 4.0