Jump to content


Photo
- - - - -

Why Linphone didn't work...


  • Please log in to reply
1 reply to this topic

#1 dual

dual

    BinRev veteran

  • Agents of the Revolution
  • 1,196 posts
  • Gender:Male

Posted 21 April 2003 - 07:29 AM

This is for BoBB in particular, but others should find it of interest:

1. What's the significance of VoIP-enabled firewalls in terms of the problems they address and how much impact they can have on an end user's network? Are current-generation products up to the challenge?

The key problem to be addressed is that voice traffic-whether H.323 or SIP Session Initiation Protocol-uses unpredictable, dynamically-assigned UDP port numbers to carry voice packets. To support such VoIP traffic, administrators would have to leave thousands of port numbers open, creating a huge security "hole" in their firewalls. This isn't an issue for the H.323 or SIP control messages used for call control or initial call setup, since firewalls can leave these few well-known ports open. The problem is what to do for RTP Real-Time Protocol packets associated with calls that originate from outside the firewall. This is all further complicated by the widespread use of NAT Network Address Translation, which requires mapping of IP addresses embedded within VoIP call control packets.

Multiple solutions have become available. For example, you can use an external H.323 or SIP proxy server product that can "tunnel" VoIP traffic through known firewall ports, or have the proxy instruct the firewall which UDP ports to open on a per-call basis. Alternatively, these same functions can be embedded in the firewall itself, with an integral proxy server telling the firewall which ports to open as needed.

#2 White_Raven

White_Raven

    That's so raven!

  • Banned
  • 1,597 posts

Posted 21 April 2003 - 02:50 PM

for easy voip check out http://www.speakfreely.org/ , its all GPL and they even have a version for linux.




BinRev is hosted by the great people at Lunarpages!