beautypg.com

The h.323 alg, H.323 components, H.323 protocols – Amer Networks E5Web GUI User Manual

Page 423

background image

Action

Src Interface

Src Network

Dest Interface

Dest Network

OutboundToProxy

Allow

lan

lan_net

dmz

ip_proxy

OutboundFromProxy

Allow

dmz

ip_proxy

lan

lan_net

InboundFromProxy

Allow

dmz

ip_proxy

core

dmz_ip

InboundToProxy

Allow

wan

all-nets

dmz

ip_proxy

With Record-Route disabled, the following IP rules must be added to those above:

Action

Src Interface

Src Network

Dest Interface

Dest Network

OutboundBypassProxy

Allow

lan

lan_net

wan

all-nets

InboundBypassProxy

Allow

wan

all-nets

lan

lan_net

6.2.9. The H.323 ALG

H.323 is a standard approved by the International Telecommunication Union (ITU) to allow
compatibility in video conference transmissions over IP networks. It is used for real-time audio,
video and data communication over packet-based networks such as the Internet. It specifies the
components, protocols and procedures for providing such multimedia communication,
including Internet phone and voice-over-IP (VoIP). (For VoIP see also Section 6.2.8, “The SIP ALG”.)

H.323 Components

H.323 consists of four main components:

Terminals

Devices used for audio and optionally video or data
communication, such as phones, conferencing units, or
"software phones" such as the product "NetMeeting".

Gateways

An H.323 gateway connects two dissimilar networks and
translates traffic between them. It provides connectivity
between H.323 networks and non-H.323 networks such as
public switched telephone networks (PSTN), translating
protocols and converting media streams. A gateway is not
required for communication between two H.323 terminals.

Gatekeepers

The Gatekeeper is a component in the H.323 system which
is used for addressing, authorization and authentication of
terminals and gateways. It can also take care of bandwidth
management, accounting, billing and charging. The
gatekeeper may allow calls to be placed directly between
endpoints, or it may route the call signalling through itself
to perform functions such as follow-me/find-me, forward
on busy, etc. It is needed when there is more then one
H.323 terminal behind a NATing device with only one
public IP.

Multipoint Control Units

MCUs provide support for conferences of three or more
H.323 terminals. All H.323 terminals participating in the
conference call have to establish a connection with the
MCU. The MCU then manages the calls, resources, video
and audio codecs used in the call.

H.323 Protocols

Chapter 6: Security Mechanisms

423

This manual is related to the following products:
See also other documents in the category Amer Networks Computer Accessories: