Nortel 4134 사용자 가이드
Interoperability with CS 1000 and MCS 5100 call servers
31
When the Secure Router is configured with the Cone NAT functionality, any
call server that supports STUN can provide NAT traversal with the SR4134.
No additional configuration is required on the SR4134.
call server that supports STUN can provide NAT traversal with the SR4134.
No additional configuration is required on the SR4134.
The CS 1000 series call servers and Nortel IP Phones implement a
STUN-aware protocol for UNIStim, and can therefore support NAT traversal
with the SR4134. Neither MCS 5100 nor BCM support STUN. However, the
SIP ALG provides a NAT traversal strategy for the MCS 5100, as described
in the following section.
STUN-aware protocol for UNIStim, and can therefore support NAT traversal
with the SR4134. Neither MCS 5100 nor BCM support STUN. However, the
SIP ALG provides a NAT traversal strategy for the MCS 5100, as described
in the following section.
SIP ALG for MCS 5100
The SIP ALG provides a solution for SIP-based Nortel VoIP products to
operate in a firewall and NAT-enabled environment. Currently, supported
configurations are limited to MCS 5100 series call servers.
operate in a firewall and NAT-enabled environment. Currently, supported
configurations are limited to MCS 5100 series call servers.
In a NAT environment, VoIP protocols require processing to translate IP
addresses embedded in their messages. However, VoIP signalling protocols
operate at Layer 5, while NAT processing typically only affects Layer 3
addressing.
addresses embedded in their messages. However, VoIP signalling protocols
operate at Layer 5, while NAT processing typically only affects Layer 3
addressing.
The SIP Application Level Gateway provides the SIP protocol application
intelligence required to complete calls using application-level address
translation. The SIP ALG removes any occurrences of the internal client
private IP address and port in the outgoing SIP messages and replaces
these with the public IP address and port. It also monitors the message
exchanges between the clients and dynamically creates and manages the
pinholes required for media traffic to traverse the firewall.
intelligence required to complete calls using application-level address
translation. The SIP ALG removes any occurrences of the internal client
private IP address and port in the outgoing SIP messages and replaces
these with the public IP address and port. It also monitors the message
exchanges between the clients and dynamically creates and manages the
pinholes required for media traffic to traverse the firewall.
The SIP ALG enables Nortel MCS Clients, in tandem with the MCS Server,
to complete calls through application-level address translation.
to complete calls through application-level address translation.
As shown in the following figure, all SIP traffic can be divided into two types
depending on the origination and termination point.
depending on the origination and termination point.
•
SIP Line Side:
Traffic that flows between a call server and an IP set
•
SIP Trunk Side:
Traffic that flows between two call servers
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.