ZyXEL Communications ZyWALL 1000 18.4 WAN to LAN SIP Peer-to-peerCalls Example

Chapter 18 ALG

18.4 WAN to LAN SIP Peer-to-peer Calls Example

This example shows how to configure firewall and virtual server (port forwarding) rules to allow H.323 calls to come in through WAN IP address 10.0.0.8 to computer A at IP address 192.168.1.56 on the LAN.

Figure 176 WAN to LAN H.323 Peer-to-peer Calls Example

Configure the virtual server policy first to forward H.323 (TCP port 1720) traffic received on the ZyWALL’s 10.0.0.8 WAN IP address to LAN IP address 192.168.1.56.

1Click Network > Virtual Server > Add.

2Configure the screen as follows and click OK.

Figure 177 Network > Virtual Server > Add

Now configure a firewall rule to allow H.323 (TCP port 1720) traffic received on the WAN_IP-for-H323 IP address to go to LAN IP address 192.168.1.56.

3Click Firewall. In From Zone, select WAN; in To Zone, select LAN.

4The default rule for WAN-to-LAN traffic drops all traffic. You want to allow SIP access through IP address 10.0.0.8, so add a rule before the default rule. Click the Add icon at the top of the column.

	271
ZyWALL USG 1000 User’s Guide	271