H.323 and ICMP

cmblk
cmblk used Ask the Experts™
on
i want to know whether H.323 uses ICMP for VoIP calls.If we block the ICMP packets at the router,  can VoIP calls be processed?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Commented:
It is never a good idea to block all ICMP on a router. You will run into all sorts of trouble if you do. You need the ICMP redirects and source quench and destination unreachable messages for the network to function properly.

http://www.zvon.org/tmRFC/RFC1009/Output/chapter2.html

Adrian DobrotaNetworking Engineer
Commented:
Voice over IP uses ICMP packets. So, you'll need ICMP free. But what I don't get is why do you have a firewall before a VOIP gateway...
Let me explain to you one good configuration I'm using.
ISP  -> Fibre Optics -> Media converter -> UTP -> switch -> VOIP gateway with public IP address (has to be this way)
                                                                                  -> firewall -> router -> switch -> MANY workstations
Why do you want to protect the VOIP gateway? If you place it before router/firewall you don't have to bother to route the IP of the VOIP  and don't bother too about the firewall restrictions.
Also,  if you want to modify settings from outside and access via TELNET, probably the firewall won't allow you.
Just be sure to have a complex admin passwd on the VOIP unit and upgrade the firmware constantly in case a flaw appears, and all will be ok.
If you still want to place it behind a firewall, you'll have to allow ICMP packets for the VOIP unit.

regards
Kronos
From my understanding, VoIP DOES need ICMP.

That said, the best solution I can offer is to route the VoIP traffic over a VPN.  This will allow you to block incoming ICMP from the Internet, but allow ICMP traffic through the VPN for VoIP.

Hope this helps.

Netelligen
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

Split: NicBrey {http:#9238265} & kronostm {http:#9238631} & Netelligen {http:#9245585}

Please leave any comments here within the next four days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Julian Crawford
EE Cleanup Volunteer

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial