User manual

ManualsBrandsD-Link ManualsNetworkingDFL - 1660 Network Security UTM Firewall

231

232

233

234

235

236

237

238

239

240

Incoming Gatekeeper Rules:

1. Go to Rules > IP Rules > Add > IPRule

2. Now enter:

• Name: H323In

• Action: SAT

• Service: H323-Gatekeeper

• Source Interface: any

• Destination Interface: core

• Source Network: 0.0.0.0/0 (all-nets)

• Destination Network: wan_ip (external IP of the firewall)

• Comment: SAT rule for incoming communication with the Gatekeeper located at ip-gatekeeper

3. For SAT enter Translate Destination IP Address: To New IP Address: ip-gatekeeper (IP address of

gatekeeper).

4. Click OK

1. Go to Rules > IP Rules > Add > IPRule

2. Now enter:

• Name: H323In

• Action: Allow

• Service: H323-Gatekeeper

• Source Interface: any

• Destination Interface: core

• Source Network: 0.0.0.0/0 (all-nets)

• Destination Network: wan_ip (external IP of the firewall)

• Comment: Allow incoming communication with the Gatekeeper

3. Click OK

1. Go to Rules > IP Rules > Add > IPRule

2. Now enter:

• Name: H323In

• Action: Allow

• Service: H323-Gatekeeper

• Source Interface: lan

• Destination Interface: dmz

• Source Network: lannet

• Destination Network: ip-gatekeeper (IP address of the gatekeeper)

• Comment: Allow incoming communication with the Gatekeeper

3. Click OK

Note

There is no need to specify a specific rule for outgoing calls. NetDefendOS monitors

the communication between "external" phones and the Gatekeeper to make sure that it

6.2.8. The H.323 ALG Chapter 6. Security Mechanisms

234