Solved

Cisco Router Firewall to work with VoIP

Posted on 2006-07-05
4
417 Views
Last Modified: 2010-04-12
We will be implementing Cisco routers for all our VoIP installations. The setup is with a Hosted softPBX outside the organization. Previously we had to research the organizations existing firewall box to see if it was cabable of handling the NAT process for VoIP phones. Now we want to use the existing firewall security capabilities of Cisco 800, 1800, and 2800 series routers to handle this NAT process for VoIP calls.

1. What is this "NAT" functionality that handles VoIP calls outside the organization (though a firewall) called? I don't believe it's NAT(something about packet rewrite and handling support of codecs like G.711).

2. Do all these series routers firewallls handle this process and how is it implemented?

3. Any resources you could point me to in learning about this process would also be appreciated.

Thank You
0
Comment
Question by:eidebailly
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 36

Accepted Solution

by:
grblades earned 500 total points
ID: 17044617
1&2) This functionality is only on the Cisco PIX firewalls and it basically inspects the SIP and RTP traffic and alters the contents of the packets as it goes through the firewall much the same way and inteligent NAT routers do with ftp traffic.

You can have a STUN (proxy) server outside your network and configure the phones etc... to use it. A STUN server detects the presence of NAT and tries to work around the problems caused.

3) http://www.voip-info.org/wiki-STUN
0
 

Author Comment

by:eidebailly
ID: 17044799
I was just told by our line-carrier that they currently use 871 routers on up that have at least version 12.4 IOS. They say that this IOS handles the NAT transversal for VoIP. Does that sound right? So that means I wouldn't need anything but one of these routers with IOS to handle VoIP and NAT problem?
0
 
LVL 36

Expert Comment

by:grblades
ID: 17046571
I dont know of any specif router feature to enable SIP inspection like the PIX does.
Could you ask your carrier what the command is to enable the feature on the latter IOS version?
0
 

Author Comment

by:eidebailly
ID: 17054131
It didn't look like there was a command to enable it. It came with it. ALG: Application Layer Gateway Feature. Which does NAT transveral for VOIP. It looked like it came out around IOS 12.2 but my carrier doesn't use anything lower than 12.4.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Article by: user_n
How Sip Phone (User Agent) works and communicates with sip servers 1.  There is a sip server and a sip registrar.  The sip server and sip registrar can be one server or two different servers. The sip registrar is the server on which it is record…
As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question