Solved

what is a Media proxy and how does it solve the RTP firewall problem

Posted on 2014-12-03
4
225 Views
Last Modified: 2014-12-15
Hi,
I read about the RTP firewall problem. The RTP flow is unable to happen due to a firewall in between.
One solution to this was using a media proxy. But i couldnt understand what that is and how will that solve this problem.

Please help me understand about media proxy and how it solves the RTP firewall problem.
Thanks
0
Comment
Question by:Rohit Bajaj
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 32

Accepted Solution

by:
harbor235 earned 500 total points
ID: 40481637
Typically a proxy is an application aware software or hardware platform that posses detailed knowledge and capabilities regarding the flows, security, and performance of a particular application.

So in your case, a media proxy is software or hardware that accepts RTP streams and acts on the behalf of the sender(s) to optimize the streams to the endoint(s). An RTP proxy will provide additional control and/or security (NAT topology hiding) of the RTP streams.

Most modern firewalls have built in proxy server capabilities, your problem could be that the  RTP application being used is behaving in an unexpected manner and the firewall is block the traffic, or that the firewall does not have RTP proxy capabilities and RTP streams are being dropped to traffic being generated outside its security policy.


harbor235 ;}
0
 

Author Comment

by:Rohit Bajaj
ID: 40482415
Hi,
I didnt understand this much. If the client 2 sends the RTP data to a port to client 1. As this port will not be open on the firewall , the packet will get dropped by the Firewall. How will media proxy help in this case.
Will it open the port on the firewall automatically ??
0
 

Author Comment

by:Rohit Bajaj
ID: 40482541
I read something like the following about Media proxy but its unclear to me :

Media Proxy re-writes the SDP RTP/AVP field to direct RTP traffic back to a preferred port on the Media Proxy Server

The Media Proxy also Re-writes the RTP/AVP field when sending messages to the initiating SIP UA so that all RTP traffic again hits a preferred port

This preferred port can be opened on the Firewall and set to only accept traffic from the Media proxy
0
 
LVL 32

Expert Comment

by:harbor235
ID: 40482723
Correct, as robinsuri states, if you understand how the RTP application is operating the firewall can be adjusted to allow the traffic streams.

If the firewall has a built-in RTP proxy like a Cisco ASA or a Juniper SRX (there are more) then the firewall will allow the necessary traffic through based on the initial RTP connection and application signaling. In this case the firewall inspects
the RTP flow and since it is RTP aware can inspect the RTP segments and open all necessary ports as signaled by the sender and receiver.

 
harbor235 ;}
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The article explains the protocols and technology which is involved when two computers on different TCP/IP networks communicate with each other. In the diagram, a router is used to segregate two networks. The networks are 192.168.1.0/24 and 192…
Article by: user_n
How Sip Phone (User Agent) works and communicates with sip servers 1.  There is a sip server and a sip registrar.  The sip server and sip registrar can be one server or two different servers. The sip registrar is the server on which it is record…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question