Sip/h.323 alg configuration example, Network requirements, Configuration procedure – H3C Technologies H3C SecBlade FW Cards User Manual
Page 38
31
# Configure the internal FTP server.
•
Select Firewall > NAT > Internal Server from the navigation tree. Then in the Internal Server area,
click Add.
•
Select GigabitEthernet0/1.
•
Select 6(TCP) as the protocol type,
•
Type 5.5.5.10 as the external IP address.
•
Type 21 as the global port.
•
Type 192.168.1.2 as the internal IP address.
•
Type 21 as the internal port.
•
Click Apply.
SIP/H.323 ALG configuration example
NOTE:
H.323 ALG configuration is similar to SIP ALG configuration. The following takes SIP ALG configuration
as an example.
Network requirements
As shown in
, a company accesses the Internet through a device with NAT and ALG enabled.
The inside network segment of the company is 192.168.1.0/24. Configure NAT and ALG to meet the
following requirements:
•
SIP UA 1 in the inside network and SIP UA 2 in the outside network can communicate with their
aliases.
•
The company has four public network addresses: 5.5.5.1, 5.5.5.9, 5.5.5.10, and 5.5.5.11. SIP UA 1
selects one from the range 5.5.5.9 to 5.5.5.11 as its public network address when registering with
the SIP server in the outside network.
Figure 22 Network diagram for SIP ALG configuration
Configuration procedure
1.
Configure ALG.
# Configure SIP ALG. (By default, the SIP ALG function is enabled, and thus this step can be omitted.)
•
Select Firewall > ALG from the navigation tree.
•
Select sip in the Optional Application Protocols list and click the << button.
•
Click OK.
2.
Configure an ACL.