H.460 nat firewall traversal, H.460 nat firewall traversal -18, More information, refer to – Polycom VSX Series User Manual

Administrator’s Guide for the VSX Series

3 - 18

H.460 NAT Firewall Traversal

You can configure VSX systems to use standards-based H.460.18 and H.460.19

firewall traversal, which allows video systems to more easily establish IP

connections across firewalls.
The following illustration shows how a service provider might provide H.460

firewall traversal between two enterprise locations. In this example the V

2

IU™

traversal server gateway is on the edge of the service provider network and

facilitates IP calls between VSX systems behind different firewalls.

To use this traversal, VSX systems and firewalls must be configured as follows:

• Enable firewall traversal on the VSX system.

• Register the VSX system to an external V

2

IU Traversal Server Gateway

that supports the H.460.18 and H.460.19 standards.

• Make sure that firewalls being traversed allow VSX systems behind them

to open outbound TCP and UDP connections.
— Firewalls with a stricter rule set should allow VSX systems to open at

least the following outbound TCP and UDP ports: 1720 (TCP),

14085-15084 (TCP) and 1719(UDP), 16386-25386 (UDP).

— Firewalls should permit inbound traffic to TCP and UDP ports that

have been opened earlier in the outbound direction.

• For best interoperability, make sure that H.323 protocol-aware features are

disabled on firewalls being traversed.

To enable firewall traversal on a VSX system:

1.

Go to System > Admin Settings > Network > IP > Firewall > Next.

2.

Select Enable NAT/Firewall Traversal.

Gatekeeper

IP Network

System with

Enterprise Location A

Enterprise Location B

Service Provider

V

2

IU Server Gateway

Traversal Enabled

System with
Traversal Enabled

that Supports H.460.18
and H.460.19