Chapter 15 ALG
FTP ALG
The FTP ALG allows TCP packets with a specified port destination to pass through. If the FTP server is located on the LAN, you must also configure NAT (port forwarding) and firewall rules if you want to allow access to the server from the WAN.
H.323 ALG
•The H.323 ALG supports
•The H.323 ALG handles H.323 calls that go through NAT or that the ZyWALL routes. You can also make other H.323 calls that do not go through NAT or routing. Examples would be calls between LAN IP addresses that are on the same subnet.
•The H.323 ALG allows calls to go out through NAT. For example, you could make a call from a private IP address on the LAN to a peer device on the WAN.
•The H.323 ALG operates on TCP packets with a specified port destination.
•The ZyWALL allows H.323 audio connections.
•The ZyWALL can also apply bandwidth management to traffic that goes through the H.323 ALG.
The following example shows H.323 signaling (1) and audio (2) sessions between H.323 devices A and B.
Figure 136 H.323 ALG Example
SIP ALG
•SIP phones can be in any zone (including LAN, DMZ, WAN), and the SIP server and SIP clients can be in the same network or different networks.
•There should be only one SIP server (total) on the ZyWALL’s private networks. Any other SIP servers must be on the WAN. So for example you could have a
•Using the SIP ALG allows you to use bandwidth management on SIP traffic.
•The SIP ALG handles SIP calls that go through NAT or that the ZyWALL routes. You can also make other SIP calls that do not go through NAT or routing. Examples would be calls between LAN IP addresses that are on the same subnet.
•The SIP ALG supports
•The SIP ALG allows UDP packets with a specified port destination to pass through.
•The ZyWALL allows SIP audio connections.
•You do not need to use TURN (Traversal Using Relay NAT) for VoIP devices behind the ZyWALL when you enable the SIP ALG.
234 |
|
ZyWALL 110/310/1100 Series User’s Guide | |
|
|