HP VCX Software manual DMZ/LAN type, SIP clients, Other

Page 66

Chapter 7. Firewall and Client Configuration

Let through TCP traffic between the Internet (all high ports) and the Telecommuting Mod- ule (ports 1024-32767). You must allow traffic in both directions.

Let through TCP traffic between the internal networks (all high ports) and the Telecom- muting Module (ports 1024-32767). You must allow traffic in both directions.

Let through UDP traffic between the Internet (all high ports) and the Telecommuting Module (the port interval for media streams which was set on the Basic Settings page). You must allow traffic in both directions.

Let through UDP traffic between the internal networks (all high ports) and the Telecom- muting Module (the port interval for media streams which was set on the Basic Settings page). You must allow traffic in both directions.

Let through UDP traffic between the Telecommuting Module (all high ports) and the In- ternet (port 53). You must allow traffic in both directions. This enables the Telecommuting Module to make DNS queries to DNS servers on the Internet. If the DNS server is located on the same network as the Telecommuting Module, you don’t have to do this step.

NAT between the Telecommuting Module and the Internet must not be used.

NAT between the Telecommuting Module and the internal networks must not be used.

The SIP clients

SIP clients will use the Telecommuting Module as their outgoing SIP proxy and as their registrar (if they can’t be configured with the domain only). If you don’t want to use the Telecommuting Module as the registrar, you should point the clients to the SIP registrar you want to use.

Other

The DNS server used must have a record for the SIP domain, which states that the Telecom- muting Module handles the domain, or many SIP clients won’t be able to use it (if you don’t use plain IP addresses as domains).

The DMZ/LAN type

Using the DMZ/LAN type, the network configuration should look like this:

58

Page 65 Page 67
Image 66
Page 65 Page 67
Contents 3Com VCX IP Telecommuting Module Getting started GuidePage 3Com VCX IP Telecommuting Module Getting started Guide Page Table of Contents Page Part I. Installation of the 3Com VCX IP Telecommuting Module Page Configuration alternatives What is a Telecommuting Module?Introduction DMZ ConfigurationDMZ/LAN Configuration Standalone ConfigurationOverview of the Installation About settings in 3Com VCX IP Telecommuting Module License ConditionsInstallation with magic ping Installing 3Com VCX IP Telecommuting ModuleInstallation Installation with a serial cablePage Page Page Page Installation with a diskette Page Page Turning off a Telecommuting Module Remember to lock up the Telecommuting ModuleInstalling 3Com VCX IP Telecommuting Module Part II. Configuring 3Com VCX IP Telecommuting Module Page Network Configuration Telecommuting Module TypeNetwork Configuration Interface Network Interface 1 Telecommuting Module Type configurationGeneral Status Directly Connected NetworksPhysical device Interface nameIP address NameDNS Name Or IP Address Netmask/BitsAlias Static Routing Routed networkRouter Main Default Gateways Default GatewayCancel SaveDynamic Policy For Packets From Unused GatewaysGateway Reference Hosts InterfaceNetworks and Computers Name SubgroupLower Limit Delete Row Upper LimitInterface/VLAN CreateNetwork SurroundingsSurroundings Additional NegotiatorsData Interfaces Name of this Telecommuting Module Default domain IP PolicyBasic Configuration Policy For Ping To Your 3Com VCX IP Telecommuting ModuleDNS Servers Reverts all the above fields to their previous configuration Network Configuration SIP Configuration Basic SettingsAdditional SIP Signaling Ports SIP ModuleTransport Provisioning RelaySIP Media Port Range CommentPublic IP address for NATed Telecommuting Module SIP Servers To MonitorServer Log class for SIP packets Log class for SIP signalingSIP Logging Log class for SIP license messagesDNS Override For SIP Requests Log class for SIP errorsRouting Log class for SIP media messagesDomain Relay ToFrom Network FilteringSender IP Filter Rules ActionContent Types Default Policy For SIP RequestsContent Type Interoperability URI EncodingAllow Remote NAT Traversal Remote Clients Signaling ForwardingRemote SIP Connectivity Remote NAT traversalNAT timeout for UDP NAT timeout for TCPNAT keepalive method Media Route Administration of the Telecommuting Module Access ControlConfiguration Allowed Via Interface User Authentication For Web Interface Access Configuration TransportConfiguration via Https Configuration ComputersConfiguration via Http Configuration via SSHDNS Name Or Network Address Netmask/Bits RangeVia IPsec Peer SSH Log ClassTest Preliminary Configuration Duration of limited test modeSave/Load Configuration Apply configurationBackup Show Message About Unapplied ChangesSave to diskette Save/Load CLI Command File Revert to Old Configurations Abort All Edits Reload Factory Configuration Administration of the Telecommuting Module Firewall and Client Configuration DMZ typeFirewall DMZ/LAN type SIP clientsOther Standalone type SIP clients Index Apply
Related manuals
Manual 446 pages 4.55 Kb
Top Page Image Contents