Solved

Cisco Router Firewall to work with VoIP

Posted on 2006-07-05
4
413 Views
Last Modified: 2010-04-12
We will be implementing Cisco routers for all our VoIP installations. The setup is with a Hosted softPBX outside the organization. Previously we had to research the organizations existing firewall box to see if it was cabable of handling the NAT process for VoIP phones. Now we want to use the existing firewall security capabilities of Cisco 800, 1800, and 2800 series routers to handle this NAT process for VoIP calls.

1. What is this "NAT" functionality that handles VoIP calls outside the organization (though a firewall) called? I don't believe it's NAT(something about packet rewrite and handling support of codecs like G.711).

2. Do all these series routers firewallls handle this process and how is it implemented?

3. Any resources you could point me to in learning about this process would also be appreciated.

Thank You
0
Comment
Question by:eidebailly
  • 2
  • 2
4 Comments
 
LVL 36

Accepted Solution

by:
grblades earned 500 total points
ID: 17044617
1&2) This functionality is only on the Cisco PIX firewalls and it basically inspects the SIP and RTP traffic and alters the contents of the packets as it goes through the firewall much the same way and inteligent NAT routers do with ftp traffic.

You can have a STUN (proxy) server outside your network and configure the phones etc... to use it. A STUN server detects the presence of NAT and tries to work around the problems caused.

3) http://www.voip-info.org/wiki-STUN
0
 

Author Comment

by:eidebailly
ID: 17044799
I was just told by our line-carrier that they currently use 871 routers on up that have at least version 12.4 IOS. They say that this IOS handles the NAT transversal for VoIP. Does that sound right? So that means I wouldn't need anything but one of these routers with IOS to handle VoIP and NAT problem?
0
 
LVL 36

Expert Comment

by:grblades
ID: 17046571
I dont know of any specif router feature to enable SIP inspection like the PIX does.
Could you ask your carrier what the command is to enable the feature on the latter IOS version?
0
 

Author Comment

by:eidebailly
ID: 17054131
It didn't look like there was a command to enable it. It came with it. ALG: Application Layer Gateway Feature. Which does NAT transveral for VOIP. It looked like it came out around IOS 12.2 but my carrier doesn't use anything lower than 12.4.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Although VoiceOver IP has been around for a while, internet connections have only recently become fast enough to provide good call quality. Now, VoIP has become a real option for businesses looking at ways to improve their business model. In this ar…
I recently purchased a Bluetooth headset called the Music Jogger (model BSH10). The control buttons on it look like this: One of my goals is to use it as the microphone and speakers for Skype calls. In that respect, it works well. However, I …
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now