ZyXEL Communications USG40 User Manual page 276
Usg series
Hide thumbs
Also See for USG40:
- User manual (994 pages) ,
- Handbook (810 pages) ,
- Reference manual (665 pages)
Table of Contents
Advertisement
• The ZyWALL/USG allows SIP audio connections.
• You do not need to use TURN (Traversal Using Relay NAT) for VoIP devices behind the ZyWALL/
USG when you enable the SIP ALG.
• Configuring the SIP ALG to use custom port numbers for SIP traffic also configures the
application patrol (see
Likewise, configuring the application patrol to use custom port numbers for SIP traffic also
configures SIP ALG to use the same port numbers for SIP traffic.
Peer-to-Peer Calls and the ZyWALL/USG
The ZyWALL/USG ALG can allow peer-to-peer VoIP calls for both H.323 and SIP. You must configure
the security policy and NAT (port forwarding) to allow incoming (peer-to-peer) calls from the WAN
to a private IP address on the LAN (or DMZ).
VoIP Calls from the WAN with Multiple Outgoing Calls
When you configure the security policy and NAT (port forwarding) to allow calls from the WAN to a
specific IP address on the LAN, you can also use policy routing to have H.323 (or SIP) calls from
other LAN or DMZ IP addresses go out through a different WAN IP address. The policy routing lets
the ZyWALL/USG correctly forward the return traffic for the calls initiated from the LAN IP
addresses.
For example, you configure the security policy and NAT to allow LAN IP address A to receive calls
from the Internet through WAN IP address 1. You also use a policy route to have LAN IP address A
make calls out through WAN IP address 1. Configure another policy route to have H.323 (or SIP)
calls from LAN IP addresses B and C go out through WAN IP address 2. Even though only LAN IP
address A can receive incoming calls from the Internet, LAN IP addresses B and C can still make
calls out to the Internet.
Figure 186 VoIP Calls from the WAN with Multiple Outgoing Calls
VoIP with Multiple WAN IP Addresses
With multiple WAN IP addresses on the ZyWALL/USG, you can configure different security policy
and NAT (port forwarding) rules to allow incoming calls from each WAN IP address to go to a
specific IP address on the LAN (or DMZ). Use policy routing to have the H.323 (or SIP) calls from
each of those LAN or DMZ IP addresses go out through the same WAN IP address that calls come in
on. The policy routing lets the ZyWALL/USG correctly forward the return traffic for the calls initiated
from the LAN IP addresses.
For example, you configure security policy and NAT rules to allow LAN IP address A to receive calls
through public WAN IP address 1. You configure different security policy and port forwarding rules
to allow LAN IP address B to receive calls through public WAN IP address 2. You configure
Chapter 13 ALG
Chapter 25 on page
422) to use the same port numbers for SIP traffic.
ZyWALL/USG Series User's Guide
276
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
Related Manuals for ZyXEL Communications USG40
Related Products for ZyXEL Communications USG40
- ZyXEL Communications ZYWALL USG 300
- ZyXEL Communications USG-50 - V2.21 ED 1
- ZyXEL Communications USG-100@USG-200 - V2.20 ED 2
- ZyXEL Communications USG-300 - V2.20 ED 2
- ZyXEL Communications ZYWALL USG 20W
- ZyXEL Communications UAG Series
- ZyXEL Communications ZyWALL USG100-Plus
- ZyXEL Communications ZyWALL USG 2000