Kerio-tech Firewall6 Manual de usuario Pagina 99
- Pagina / 404
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
7.8 Use of Full cone NAT
99
Example: SIP telephone in local network
In the local network, there is an IP telephone registered to an SIP server in the Internet. The
parameters may be as follows:
• IP address of the phone: 192.168.1.100
• Public IP address of the firewall: 195.192.33.1
• SIP server: sip.server.com
Since the firewall performs IP address translation, the telephone is registered on the SIP server
with the firewall’s public address (195.192.33.1). If there is a call from another telephone
to this telephone, the connection will go through the firewall’s address (195.192.33.1) and
the corresponding port. Under normal conditions, such connection can be established only
directly from the SIP server (to which the original outgoing connection for the registration was
established). However, use of Full cone NAT allows such connection for any client calling to
the SIP telephone in the local network.
Full cone NAT will be enabled by an extremely restrictive traffic rule (to keep the security level
as high as possible):
Figure 7.39 Definition of a Full cone NAT traffic rule
• Source — IP address of an SIP telephone in the local network.
• Destination — name or IP address of an SIP server in the Internet. Full cone NAT will
apply only to connection with this server.
• Service — SIP service (for an SIP telephone). Full cone NAT will not apply to any other
services.
• Action — traffic must be allowed.
• Translation — select a source NAT method (see chapter 7.3) and enable the Allow
returning packets from any host (Full cone NAT) option.
Rule for Full cone NAT must precede the general rule with NAT allowing traffic from the local
network to the Internet.
- Kerio WinRoute Firewall 6 1
- Contents 3
- Quick Checklist 7
- Introduction 9
- 2.2 Conflicting software 11
- 2.3 Installation 13
- Sharing 17
- 2.4 WinRoute Components 18
- 2.5 WinRoute Engine Monitor 19
- 2.7 Configuration Wizard 22
- WinRoute Administration 24
- 3.2 View Settings 27
- Chapter 4 29
- 4.2 License information 30
- 4.6 User counter 42
- Network interfaces 44
- Figure 5.2 Editing interfaces 47
- Internet Connection 49
- 6.3 Connection Failover 58
- Chapter 6 Internet Connection 60
- 6.4 Network Load Balancing 62
- Traffic Policy 67
- 7.2 How traffic rules work 74
- 7.4 Basic Traffic Rule Types 87
- 7.5 Policy routing 93
- 7.8 Use of Full cone NAT 98
- 7.9 Media hairpinning 100
- Chapter 8 102
- 8.1 DNS Forwarder 102
- 8.2 DHCP server 108
- 8.4 Proxy server 120
- 8.5 HTTP cache 123
- Bandwidth Limiter 130
- User Authentication 137
- Web Interface 141
- 11.2 User logon and logout 146
- 11.4 User preferences 150
- 11.5 Dial-up 153
- HTTP and FTP filtering 154
- 12.2 URL Rules 155
- 12.6 FTP Policy 171
- Antivirus control 176
- 13.3 HTTP and FTP scanning 181
- 13.4 Email scanning 185
- Definitions 189
- 14.2 Time Intervals 190
- 14.3 Services 192
- 14.4 URL Groups 196
- User Accounts and Groups 199
- 15.2 Local user accounts 202
- Step 1 — basic information 203
- 15.5 User groups 219
- Chapter 16 223
- 16.2 Update Checking 224
- Advanced security features 227
- Other settings 233
- 18.3 Relay SMTP server 238
- Status Information 240
- 19.3 Alerts 251
- Figure 19.11 Alert Definitions 252
- Basic statistics 256
- Figure 20.1 User statistics 257
- 20.2 Interface statistics 258
- Chapter 21 262
- 21.4 Accounting period 270
- 21.5 Overall View 272
- 21.6 User statistics 276
- 21.7 Users’ Activity 277
- 21.8 Users by Traffic 282
- 21.9 Top Visited Websites 283
- Chapter 22 288
- 22.1 Log settings 288
- Figure 22.1 Log settings 289
- 22.2 Logs Context Menu 291
- 22.3 Alert Log 295
- 22.4 Config Log 295
- 22.5 Connection Log 297
- 22.6 Debug Log 298
- 22.7 Dial Log 299
- 22.8 Error Log 301
- 22.9 Filter Log 303
- 22.10 Http log 304
- 22.11 Security Log 306
- 22.12 Sslvpn Log 307
- 22.13 Warning Log 308
- 22.14 Web Log 309
- Kerio VPN 310
- 23.1 VPN Server Configuration 311
- Chapter 23 Kerio VPN 330
- Paris branch office server 360
- Kerio Clientless SSL-VPN 363
- Chapter 25 371
- Technical support 386
- 26.2 Tested in Beta version 387
- 26.3 Contacts 387
- Legal Notices 389
- Used open-source libraries 390
- Glossary of terms 392
© 2020, manymanuals.es. Todos los derechos reservados | 0.051 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales