TANDBERG D13691.03 user manual Firewall Traversal

Page 20

TANDBERG Border Controller User Manual

3.6Firewall Traversal

The Border Controller works with the TANDBERG Gatekeeper, TANDBERG Expressway end- points and other endpoints which support the ITU H.460.18 and H.460.19 standards. In order to successfully traverse a firewall, the firewall is required to allow initial outbound traffic to des- ignated ports on the border controller and return traffic from those ports. The ports used are configurablea and by default are:

UDP/1719

TCP/1720

TCP/2776

TCP/2777

UDP/2776

UDP/2777

Non traversal calls — calls to the public internet — send traffic to ports determined by the receiving endpoint and from ports. Traffic is sent from UDP ports 1719 and 50,000–51,000 and TCP ports 15,000–24,000

Having the firewall only accept incoming data from the IP address and port to which data has already been sent allows you to maintain a secure network behind the firewall: unsolicited incoming data will not be accepted.

You are recommended to turn off any H.323 traversal features on the firewall: these are not needed in conjunction with the Expressway solution and may interfere with its operation.

The Gatekeeper identifies itself to the Border Controller with its Traversal Zone Name which may be determined with the command:

xConfiguration Zones TraversalZone Name

or using the Gatekeeper’s web interface on the System Configuration → Misc page.

Up to 50 Gatekeepers may register with the Border Controller. Each is identified with a unique Traversal Zone Name which is set with the command:

xConfiguration Zones TraversalZone [1..50 ] Name: name

or using the Border Controller’s web interface on the Border Controller Configuration → Traver- salZones page.

13

Image 20
Contents Tandberg Border Controller Trademarks and copyright DisclaimerEnvironmental Considerations Environmental IssuesTANDBERG’s Environmental Policy Operator Safety Summary Page Contents Software Upgrade Introduction Tandberg Border Controller Overview Unpacking InstallationPrecautions Connecting Cables Switching on the SystemInstallation site preparations MountingBorder Controller Initial Configuration Page Getting started System AdministrationAdministrator Account Root Account RegistrationNeighbor Gatekeepers Search Order Alternate Border Controllers Call Control Location decision flow diagram Firewall Traversal Bandwidth Control Page Bandwidth Control and Firewall Traversal Bandwidth Control Examples Network Deployment with firewalls Page Registration Control Registration Restriction PolicyAuthentication using an Ldap server AuthenticationAuthentication using a local database Securing the Ldap connection with TLS URI Dialing Creating DNS SRV recordsPage Example Traversal deployments Simple Enterprise deploymentEnterprise Gatekeepers Dialing Public IP addressesNeighbored enterprises URI dialing from within the enterprisePage Making Decisions Based on Addresses Address-switchCall Policy Subfield CPL Script Actions LocationProxy RejectUnsupported CPL Elements CPL ExamplesCall screening Selective Call ScreeningCall Redirection Event log format Controlling what is loggedLogging Event Levels Logged EventsDNS Event data 245,NTP,DNS,LDAPPage Remote Logging YYYY/MM/DD-HHMMSSSoftware Upgrade Upgrading Using HttpsUpgrading Using SCP Page Command Reference StatusCalls EthernetExternalmanager Feedback11.1.5 IP Ldap11.1.8 NTP PipesRegistrations ResourceUsageAuthentication 11.2 ConfigurationSystemUnit ZonesGatekeeper Page HTTP/HTTPS 11.2.6 IPLdap Option Key 11.2.9 Log11.2.10 NTP 11.2.15 SSH SessionSnmp Subzones Traversal TelnetTimeZone Zones Command Boot AllowListAddAllowListDelete CheckBandwidthDefaultLinksAdd DefaultValuesSetDenyListAdd DenyListDeleteFeedbackRegister FeedbackDeregisterFindRegistration LinkAddOptionKeyAdd OptionKeyDeletePipeAdd PipeDeleteHistory Feedback Other commands AboutClear EventlogRelkey SyslogAppendix Configuring DNS Servers Microsoft DNS ServerVerifying the SRV record Bind 8As expected Appendix Configuring Ldap Servers Microsoft Active DirectoryPrerequisites Adding H.350 objectsOpenLDAP Securing with TLSInstalling the H.350 schemas Add the H.350 objects Electrical Safety ApprovalsEMC Emission Radiated Electromagnetic Interference EMC ImmunityTechnical Specifications Certification Physical DimensionsPower supply References Glossary Index

D13691.03 specifications

The TANDBERG D13691.03 is a cutting-edge communication device that has been designed to meet the rigorous demands of modern business environments. Known for its reliability and versatility, the D13691.03 offers a comprehensive suite of features that enhance collaboration and productivity for organizations seeking seamless communication solutions.

One of the key characteristics of the TANDBERG D13691.03 is its exceptional video quality. Equipped with advanced video codecs, this device provides users with crystal clear HD video, ensuring that every interaction is as lifelike and engaging as possible. The intelligent bandwidth management technology optimizes the video quality based on the available network conditions, allowing for smooth and uninterrupted communication even in less than ideal network scenarios.

In addition to superior video capabilities, the D13691.03 boasts impressive audio technology. With integrated echo cancellation and noise reduction features, users can enjoy natural and clear audio during calls. This ensures that conversations are not only visually effective but also audibly intelligible, allowing for a more immersive communication experience.

Another notable feature of the TANDBERG D13691.03 is its user-friendly interface. Designed with usability in mind, the device comes with a touchscreen interface that simplifies navigation through the various settings and options. Users can easily connect with colleagues, schedule meetings, and access video conferencing features in just a few taps.

Moreover, the D13691.03 supports various connectivity options, including Ethernet and Wi-Fi, providing users with the flexibility to connect to their networks with ease. The device is also compatible with standard video conferencing protocols, making it an ideal solution for organizations that utilize multiple communication platforms.

The D13691.03 has been designed with security in mind, featuring advanced encryption protocols to protect sensitive data during video calls. This ensures that conversations remain confidential and secure, which is crucial for businesses handling proprietary information.

Overall, the TANDBERG D13691.03 stands out as a robust communication solution that enhances the way organizations interact. With its blend of high-quality video and audio capabilities, user-friendly design, and strong security measures, this device is well-equipped to handle the dynamic needs of modern workplaces, facilitating collaboration and driving productivity. Businesses looking to improve their communication infrastructure will find the TANDBERG D13691.03 to be an invaluable addition to their technology arsenal.