ZyXEL Communications ZyWALL 1000 User Manual
Chapter 18 ALG
ZyWALL USG 1000 User’s Guide
271
18.4 WAN to LAN SIP Peer-to-peer Calls Example
This example shows how to configure firewall and virtual server (port forwarding) rules to
allow H.323 calls to come in through WAN IP address 10.0.0.8 to computer A at IP address
192.168.1.56 on the LAN.
allow H.323 calls to come in through WAN IP address 10.0.0.8 to computer A at IP address
192.168.1.56 on the LAN.
Figure 176 WAN to LAN H.323 Peer-to-peer Calls Example
Configure the virtual server policy first to forward H.323 (TCP port 1720) traffic received on
the ZyWALL’s 10.0.0.8 WAN IP address to LAN IP address 192.168.1.56.
the ZyWALL’s 10.0.0.8 WAN IP address to LAN IP address 192.168.1.56.
1 Click Network > Virtual Server > Add.
2 Configure the screen as follows and click OK.
2 Configure the screen as follows and click OK.
Figure 177 Network > Virtual Server > Add
Now configure a firewall rule to allow H.323 (TCP port 1720) traffic received on the
WAN_IP-for-H323 IP address to go to LAN IP address 192.168.1.56.
WAN_IP-for-H323 IP address to go to LAN IP address 192.168.1.56.
3 Click Firewall. In From Zone, select WAN; in To Zone, select LAN.
4 The default rule for WAN-to-LAN traffic drops all traffic. You want to allow SIP access
4 The default rule for WAN-to-LAN traffic drops all traffic. You want to allow SIP access
through IP address 10.0.0.8, so add a rule before the default rule. Click the Add icon at
the top of the column.
the top of the column.