AudioCodes Mediant 2000 User Manual page 135
Voip media gateway
Hide thumbs
Also See for Mediant 2000:
- User manual (662 pages) ,
- Installation manual (44 pages) ,
- Hardware installation manual (30 pages)
Table of Contents
Advertisement
User's Manual
The firewall rules in the above configuration example do the following:
Rules 1 and 2: Typical firewall rules that allow packets ONLY from specified IP
addresses (e.g., proxy servers). Note that the prefix length is configured.
Rule 3: A more "advanced" firewall rule - bandwidth rule for ICMP, which allows a
maximum bandwidth of 40,000 bytes/sec with an additional allowance of 50,000 bytes.
If, for example, the actual traffic rate is 45,000 bytes/sec, then this allowance would be
consumed within 10 seconds, after which all traffic exceeding the allocated 40,000
bytes/sec is dropped. If the actual traffic rate then slowed to 30,000 bytes/sec, the
allowance would be replenished within 5 seconds.
Rule 4: Allows traffic from the LAN voice interface and limits bandwidth.
Rule 5: Blocks all other traffic.
Parameter
Source IP
[AccessList_Source_IP]
Source Port
[AccessList_Source_Port]
Prefix Length
[AccessList_PrefixLen]
Start Port
[AccessList_Start_Port]
End Port
[AccessList_End_Port]
Version 6.6
Internal Firewall Parameters
Defines the IP address (or DNS name) or a specific host name of the
source network (i.e., from where the incoming packet is received).
Defines the source UDP/TCP ports (of the remote host) from where
packets are sent to the device.
The valid range is 0 to 65535.
Note: When set to 0, this field is ignored and any source port
matches the rule.
(Mandatory) Defines the IP network mask - 32 for a single host or
the appropriate value for the source IP addresses.
A value of 8 corresponds to IPv4 subnet class A (network mask
of 255.0.0.0).
A value of 16 corresponds to IPv4 subnet class B (network mask
of 255.255.0.0).
A value of 24 corresponds to IPv4 subnet class C (network mask
of 255.255.255.0).
The IP address of the sender of the incoming packet is trimmed in
accordance with the prefix length (in bits) and then compared to the
parameter 'Source IP'.
The default is 0 (i.e., applies to all packets). You must change this
value to any of the above options.
Note: A value of 0 applies to all packets, regardless of the defined
IP address. Therefore, you must set this parameter to a value other
than 0.
Defines the destination UDP/TCP start port (on this device) to where
packets are sent.
The valid range is 0 to 65535.
Note: When the protocol type isn't TCP or UDP, the entire range
must be provided.
Defines the destination UDP/TCP end port (on this device) to where
packets are sent.
The valid range is 0 to 65535.
Note: When the protocol type isn't TCP or UDP, the entire range
must be provided.
135
Description
12. Security
Mediant 2000
Advertisement
Table of Contents
Troubleshooting
