Firewall Wizards mailing list archives
RE: IP-VPN/VoIP
From: Lucas Thompson <Lucas.Thompson () watchguard com>
Date: Fri, 29 Jun 2001 18:50:44 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 If you're using a secure VPN then it's not really a security hole to allow a range of ports only across the tunnel? Different applications deal with H.323 differently. I have had some work and some not. Netmeeting is the absolute worst. If they follow the H.323 protocol properly, there are several different firewalls that are able to follow the call setup. - -----Original Message----- From: Irwin Lazar [mailto:ILazar () tbg com] Sent: Thursday, June 21, 2001 1:09 PM To: 'firewall-wizards () nfr com' Subject: [fw-wiz] IP-VPN/VoIP I'm curious to see what folks are doing to support VoIP across encrypted IP-VPNs. From our understanding, very few firewalls can statefully manage the random port selection during an H.323 call setup, so the only way to support VoIP across a firewall is to open up a range of ports. For obvious reasons, this isn't something I feel comfortable recommending. Has anyone run across this issue and if so, how did you address it? - ----- Irwin Lazar - ilazar () tbg com <mailto:ilazar () tbg com> Senior Consultant, The Burton Group Office: 703-742-9659 Cell: 703-402-4119 http://www.tbg.com/ "The Ultimate Resource For Network Architects" _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBOz0wghkEZcnI1admEQIsywCg2mXs98G1Xx4SYrn0hN+bOhy2dkwAoITU MVeYF37KvnN9bb9u4/8w6Aiw =6cvw -----END PGP SIGNATURE----- _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: IP-VPN/VoIP Lucas Thompson (Jul 02)
- Re: IP-VPN/VoIP Paul Cardon (Jul 03)