Using private ip addresses – D-Link DFL-2500 User Manual
Page 161
1.
Go to Rules > IP Rules > Add > IPRule
2.
Now enter:
•
Name: H323AllowIn
•
Action: Allow
•
Service: H323
•
Source Interface: any
•
Destination Interface: lan
•
Source Network: 0.0.0.0/0 (all-nets)
•
Destination Network: lannet
•
Comment: Allow incoming calls
3.
Click OK
Example 6.7. Using Private IP Addresses
This scenario consists of two H.323 phones, each one connected behind the D-Link Firewall on a network with
private IP addresses. In order to place calls on these phones over the Internet, the following rules need to be
added to the rule set in the firewall, make sure there are no rules disallowing or allowing the same kind of
ports/traffic before these rules. As we are using private IPs on the phones, incoming traffic need to be SATed as
in the example below. The object ip-phone below should be the internal IP of the H.323 phone behind each
firewall.
Web Interface
Outgoing Rule:
1.
Go to Rules > IP Rules > Add > IPRule
2.
Now enter:
•
Name: H323Out
•
Action: NAT
•
Service: H323
•
Source Interface: lan
•
Destination Interface: any
•
Source Network: lannet
•
Destination Network: 0.0.0.0/0 (all-nets)
•
Comment: Allow outgoing calls
3.
Click OK
Incoming Rules:
1.
Go to Rules > IP Rules > Add > IPRule
2.
Now enter:
•
Name: H323In
•
Action: SAT
•
Service: H323
•
Source Interface: any
6.2.8. H.323
Chapter 6. Security Mechanisms
161