H.323 with private ipv4 addresses – Amer Networks E5Web GUI User Manual

•

Service: H323

•

Source Interface: any

•

Destination Interface: lan

•

Source Network: 0.0.0.0/0 (all-nets)

•

Destination Network: lan_net

•

Comment: Allow incoming calls

3.

Click OK

Example 6.6. H.323 with Private IPv4 Addresses

In this scenario a H.323 phone is connected to the Clavister Security Gateway on a network with
private IPv4 addresses. To make it possible to place a call from this phone to another H.323
phone on the Internet, and to allow H.323 phones on the Internet to call this phone, we need to
configure rules. The following rules need to be added to the rule set, make sure there are no rules
disallowing or allowing the same kind of ports/traffic before these rules.

As we are using private IPs on the phone, incoming traffic needs to be SATed as in the example
below. The object ip-phone should be the internal IP of the H.323 phone.

InControl

Follow the same steps used for the Web Interface below.

Web Interface

Outgoing Rule:

1.

Go to: Policies > Add > IPRule

2.

Now enter:

•

Name: H323Out

•

Action: NAT

•

Service: H323

•

Source Interface: lan

•

Destination Interface: any

•

Source Network: lan_net

•

Destination Network: 0.0.0.0/0 (all-nets)

•

Comment: Allow outgoing calls

3.

Click OK

Incoming Rules:

Chapter 6: Security Mechanisms

427