Configuration procedure, Sip/h.323 alg configuration example, Network requirements – H3C Technologies H3C SecPath F1000-E User Manual
Page 48
4
Figure 2 Network diagram for FTP ALG configuration
Configuration procedure
# Configure the address pool and ACL.
[Device] nat address-group 1 5.5.5.9 5.5.5.11
[Device] acl number 2001
[Device-acl-basic-2001] rule permit
[Device-acl-basic-2001] quit
# Enable ALG for FTP.
[Device] alg ftp
# Configure NAT.
[Device] interface gigabitethernet0/1
[Device-GigabitEthernet0/1] nat outbound 2001 address-group 1
# Configure internal FTP server.
[Device-GigabitEthernet0/1] nat server protocol tcp global 5.5.5.10 ftp inside 192.168.1.2
ftp
SIP/H.323 ALG Configuration Example
NOTE:
H.323 ALG configuration is similar to SIP ALG configuration. The following takes SIP ALG configuration
as an example.
Network requirements
As shown in
, a company accesses the Internet through a device with NAT and ALG enabled. The
inside network segment of the company is 192.168.1.0/24. You need to configure NAT and ALG to meet
the following requirements:
•
SIP UA 1 in the inside network and SIP UA 2 in the outside network can communicate with their
aliases.
•
The company has four public network addresses: 5.5.5.1, 5.5.5.9, 5.5.5.10, and 5.5.5.11. SIP UA 1
selects one from the range 5.5.5.9 to 5.5.5.11 as its public network address when registering with
the SIP server in the outside network.