beautypg.com

Example dns record configuration, Uri dialing and firewall traversal, Recommended configuration – TANDBERG Security Camera User Manual

Page 119: Uri dialing, And firewall traversal

background image

119

D14049.03
MAY 2008

Grey Headline (continued)

TANDBERG

VIDEO COMMUNICATIONS SERVER

ADMINISTRATOR GUIDE

Introduction

Getting Started

Overview and

Status

System

Configuration

VCS

Configuration

Zones and

Neighbors

Call

Processing

Bandwidth

Control

Firewall

Traversal

Maintenance

Appendices

URI Dialing

URI Dialing for Incoming Calls

Example DNS Record Configuration

A company with the domain name

example.com

wants to enable incoming H.323 and SIP calls

using URI addresses in the format

[email protected]

. The VCS hosting the domain has the FQDN

vcs.example.com

.

Their DNS records would typically be as follows:

SRV record for

_ h323ls. _ udp.example.com

returns

vcs.example.com

SRV record for

_ h323cs. _ tcp.example.com

returns

vcs.example.com

SRV record for

_ sip. _ udp.example.com

returns

vcs.example.com

SRV record for

_ sip. _ tcp.example.com

returns

vcs.example.com

SRV record for

_ sips. _ tcp.example.com

returns

vcs.example.com

A record for

vcs.example.com

returns the IPv4 address of the VCS

AAAA record for

vcs.example.com

returns the IPv6 address of the VCS

How you add the DNS records depends on the type of DNS server you are using. Instructions for
setting up two common DNS servers are given in the Appendix

DNS Configuration

.

Recommended Configuration

If URI dialing is being used in conjunction with firewall traversal, DNS zones and DNS Servers
should be configured on the VCS Expressway and any VCSs on the public network only. VCSs
behind the firewall should not have any DNS zones or servers configured. This will ensure that
any outgoing URI calls made by endpoints registered with the VCS will be routed through the VCS
Expressway.
In addition, the DNS records should be configured with the address of the VCS Expressway as
the authoritative gatekeeper/proxy for the enterprise (see the Appendix

DNS Configuration

).

This ensures that incoming calls placed using URI dialing enter the enterprise through the VCS
Expressway, allowing successful traversal of the firewall.

URI Dialing and Firewall Traversal

In order for locally registered endpoints to be reached using URI dialing, they must register
using a full URI. This applies to both SIP and H.323 endpoints. If endpoints do not register
using a full URI, they will be discoverable only by the VCS to which they are registered, and

any neighbor VCSs.

Several mechanisms could have been used to locate the VCS. You may wish to enable calls
placed to

user@

to be routed to an existing registration for

[email protected]

. In this case you would configure a

Local Zone Transform

that would

strip the IP address of the VCS from the incoming URI and replace it with the domain name of

example.com

.