[Prev][Next][Report an Error]

Configuring the H.323 ALG—Quick Configuration

You can use J-Web Quick Configuration to quickly configure H.323 ALG Parameters

Figure 58: H.323 ALG Configurationy

H.323 ALG Configurationy

To configure the H.323 ALG with Quick Configuration:

  1. In the J-Web user interface, select Configure>Security>ALGs>VoIP ALG.

    Figure 58 shows the H.323 ALG page.

  2. Fill in the parameter settings as described in Table 169 and click one of the following buttons:

Table 169: H.323 Configuration Options

Enable H323 ALG

Enable or disable the H.323 ALG

Click the check box.

Endpoint Registration Timeout

Controls how long entries remain in the NAT table.

Enter a value between 10 and 50,000 seconds.

Media Source Port Any

Allows media traffic from any port number. By default, this feature is disabled. When disabled, the device allows a temporary opening, or pinhole, in the firewall as needed for media traffic.

Enter a value between 1 and 50,000 seconds.

 

Message Flood Gatekeeper Threshold

Limits the rate per second at which remote access server (RAS) requests to the gatekeeper are processed. Messages exceeding the threshold are dropped. This feature is disabled by default.

Enter a value

Permit NAT Applied Unknown Message

Specifies how unidentified H.323 messages are handled by the device. The default is to drop unknown (unsupported) messages. Permitting unknown messages can compromise security and is not recommended. However, in a secure test or production environment, this statement can be useful for resolving interoperability issues with disparate vendor equipment. By permitting unknown H.323 (unsupported) messages, you can get your network operational and later analyze your VoIP traffic to determine why some messages were being dropped.

This statement applies only to received packets identified as supported VoIP packets. If a packet cannot be identified, it is always dropped. If a packet is identified as a supported protocol, the message is forwarded without processing.

Click the check box.

Permit Routed Unknown Message

Specifies that unknown messages be allowed to pass if the session is in Route mode. (Sessions in Transparent mode are treated as Route mode.)

Click the check box.


[Prev][Next][Report an Error]