Using private ip addresses – D-Link DFL-2500 User Manual

1.

Go to Rules > IP Rules > Add > IPRule

2.

Now enter:

•

Name: H323AllowIn

•

Action: Allow

•

Service: H323

•

Source Interface: any

•

Destination Interface: lan

•

Source Network: 0.0.0.0/0 (all-nets)

•

Destination Network: lannet

•

Comment: Allow incoming calls

3.

Click OK

Example 6.7. Using Private IP Addresses

This scenario consists of two H.323 phones, each one connected behind the D-Link Firewall on a network with
private IP addresses. In order to place calls on these phones over the Internet, the following rules need to be
added to the rule set in the firewall, make sure there are no rules disallowing or allowing the same kind of
ports/traffic before these rules. As we are using private IPs on the phones, incoming traffic need to be SATed as
in the example below. The object ip-phone below should be the internal IP of the H.323 phone behind each
firewall.

Web Interface

Outgoing Rule:

1.

Go to Rules > IP Rules > Add > IPRule

2.

Now enter:

•

Name: H323Out

•

Action: NAT

•

Service: H323

•

Source Interface: lan

•

Destination Interface: any

•

Source Network: lannet

•

Destination Network: 0.0.0.0/0 (all-nets)

•

Comment: Allow outgoing calls

3.

Click OK

Incoming Rules:

1.

Go to Rules > IP Rules > Add > IPRule

2.

Now enter:

•

Name: H323In

•

Action: SAT

•

Service: H323

•

Source Interface: any

6.2.8. H.323

Chapter 6. Security Mechanisms

161