Cisco Systems VC-289 manual Proxy in Co-Edge Mode, VC-299

Page 11

Configuring H.323 Gatekeepers and Proxies

H.323 Proxy Features

Proxy in Co-Edge Mode

If H.323 terminals exist in an area with local interior addresses that must be translated to valid exterior addresses, the firewall must be capable of decoding and translating all addresses passed in the various H.323 protocols. If the firewall is not capable of this translation task, a proxy may be placed next to the firewall in a co-edge mode. In this configuration, interfaces lead to both inside and outside networks.

(See Figure 59.)

Figure 59 Proxy in Co-Edge Mode

Terminals

Firewall

Gatekeeper

Proxy

Edge router

Outside devices

S6914

In co-edge mode, the proxy can present a security risk. To avoid exposing a network to unsolicited traffic, configure the proxy to route only proxied traffic. In other words, the proxy routes only H.323 protocol traffic that is terminated on the inside and then repeated to the outside. Traffic that moves in the opposite direction can be configured this way as well.

Cisco IOS Voice, Video, and Fax Configuration Guide

VC-299

Image 11
Contents VC-289 Configuring H.323 Gatekeepers and ProxiesVC-290 Principal Multimedia Conference Manager FunctionsGateway Support for Alternate Gatekeepers Zone and Subnet ConfigurationRedundant H.323 Zone Support Gatekeeper Multiple Zone SupportVC-292 Technology PrefixesTerminal Name Registration Interzone CommunicationRadius and TACACS+ Accounting via Radius and TACACS+VC-294 Interzone Routing Using E.164 AddressesVC-295 VC-296 Hsrp SupportVC-297 SecurityVC-298 Proxy Inside the FirewallVC-299 Proxy in Co-Edge ModeVC-300 Proxy Outside the FirewallProxies and NAT VC-301 Quality of ServiceApplication-Specific Routing VC-302 Prerequisite Tasks and RestrictionsVC-303 Configuring the GatekeeperVC-304 Starting a GatekeeperVC-305 H323-gateway voip h.323-id commandGw-prioritypriority gw-alias-Optional Use Subnet-address /bits-in-mask Zone subnet commandMask-addressenable Subnet local-gatekeeper-nameVC-307 Configuring Intergatekeeper CommunicationServer-address2...server-address6 -Optional Ras gk-id@host port priorityVC-308 Configuring Redundant H.323 Zone SupportOther-gatekeeper-ip-address-Specifies the IP VC-309 Configuring Local and Remote GatekeepersOther-gatekeeper-ip-address -IP address Configuring Redundant Gatekeepers for a Zone PrefixVerifying Zone Prefix Redundancy Other-gatekeeper-name -Name of the remoteVC-311 Configuring Redundant Gatekeepers for a Technology PrefixZone local or zone remote command. You can VC-312 Verifying Technology Prefix RedundancyVC-313 Configuring Static NodesVC-314 Configuring H.323 Users via RadiusVC-315 Server radius or aaa group server tacacs+VC-316 VC-317 Password default password-SpecifiesVC-318 Configuring a RADIUS/AAA ServerVC-319 Users via Radius section onVC-320 Configuring User Accounting Activity for RadiusVC-321 Configuring E.164 Interzone RoutingOther-gatekeeper-ip-address -Specifies the IP VC-322 Configuring H.323 Version 2 FeaturesVC-323 Configuring a Dialing Prefix for Each GatewayVC-324 Gateway with the h323-gateway voip h.323-id commandVC-325 Following is an example of a registration messageVC-326 Configuring a Prefix to a Gatekeeper Zone ListVC-327 Arq, lcf, lrj, lrq, rrq, urq -Specifies RegistrationVC-328 VC-329 VC-330 Configuring Inbound or Outbound Gatekeeper Proxied AccessRemote-zone remote-zone-name -Defines a VC-331 Verifying Gatekeeper Proxied Access ConfigurationRouter# show gatekeeper zone status VC-332 Configuring the ProxyConfiguring a Forced Disconnect on a Gatekeeper VC-333 Configuring a Proxy Without ASRShow interfaces command VC-334 VC-335 VC-336 VC-337 Configuring a Proxy with ASRTunnel Vg-anylanVC-338 Without ASR section onVC-339 VC-340 Cisco IOS Dial Technologies CommandVC-341 VC-342 VC-343 VC-344 VC-345 Configuring a Proxy with ASR section onVC-346 Configuring a Gatekeeper ExampleVC-347 Redundant Gatekeepers for a Zone Prefix ExampleRedundant Gatekeepers for a Technology Prefix Example Interzone Routing ExampleVC-348 VC-349 Configuring Hsrp on the Gatekeeper ExampleVC-350 Using ASR for a Separate Multimedia Backbone ExampleVC-351 Enabling the Proxy to Forward H.323 PacketsIsolating the Multimedia Network VC-352 PX1 ConfigurationVC-353 R1 ConfigurationVC-354 Co-Edge Proxy with Subnetting ExampleVC-355 VC-356 PX2 ConfigurationR2 Configuration VC-357 Configuring a QoS-Enforced Open Proxy Using Rsvp ExampleVC-358 VC-359 Configuring a Closed Co-Edge Proxy with ASRVC-360 Defining Multiple Zones ExampleDefining One Zone for Multiple Gateways Example VC-361 Configuring a Proxy for Inbound Calls ExampleConfiguring a Proxy for Outbound Calls Example VC-362 Removing a Proxy Example Security ExampleVC-363 Gktmp and RAS Messages ExampleProhibiting Proxy Use for Inbound Calls Example VC-364

VC-289 specifications

Cisco Systems has long been a leader in networking technology, and among its diverse range of products is the VC-289. Designed specifically for enhanced performance in high-demand environments, the VC-289 serves a critical role in supporting the modern networking infrastructure.

One of the standout features of the VC-289 is its scalability. The device is engineered to easily accommodate expanded workloads, ensuring that organizations can grow without the need for frequent upgrades. This scalability is complemented by Cisco's commitment to backward compatibility, allowing businesses to integrate new systems with existing setups seamlessly.

In terms of performance, the VC-289 boasts impressive processing power. With advanced multi-core architecture, it is capable of handling multiple data streams simultaneously, making it ideal for environments that require consistent data flow, such as cloud computing and IoT applications. The device’s high throughput ensures that users experience minimal latency, facilitating quick data transfers even during peak usage times.

Security is another key characteristic of the VC-289. Cisco has integrated robust security protocols that protect against various cyber threats. Through features such as advanced encryption standards and intrusion prevention systems, organizations can ensure that sensitive data remains secure and is not compromised during transmission.

Another notable technology within the VC-289 is its support for software-defined networking (SDN) capabilities. This allows for more flexible network management, enabling IT teams to adapt the network according to evolving business needs. The ability to programmatically control the network also means that businesses can implement changes more rapidly, reducing downtime and improving overall productivity.

The VC-289 is designed with energy efficiency in mind, featuring power-saving modes that help reduce operational costs. This focus on sustainability not only benefits the environment but also appeals to organizations striving to meet corporate social responsibility objectives.

In conclusion, the Cisco Systems VC-289 stands as an exemplary solution for modern networking challenges. With its scalability, performance capabilities, enhanced security features, SDN support, and energy efficiency, it meets the demands of today's fast-paced and ever-evolving technological landscape. Organizations looking to invest in a robust networking solution would do well to consider the VC-289 as a cornerstone of their infrastructure.