User Guide
41
Packet Filter Policies
Clarent-Command
Clarent Corporation supplies IP telephone technology to mainstream carriers and service providers.
Clarent products allow voice-over-IP between Clarent gateways across the Internet. This policy gives
support to the Clarent v3.0 product and later.
Clarent products use two sets of ports, one for gateway-to-gateway communications (UDP ports 4040,
4045, and 5010) and one for gateway-to-command center communications (UDP ports 5001 and
5002). Use the Clarent-command policy for the gateway-to-command center communications.
Allow incoming connections only from specified external gateways to your gateway or command
center.
Clarent also gives support for the use of PCAnywhere for management. Refer to the PCAnywhere policy
notes for more information.
The Clarent-command policy could put network security at risk because it allows traffic inside the
firewall based only on network address. This is not a trusted method of authentication. In addition,
your Clarent server could receive denial-of-service attacks in this configuration. Where possible, we
recommend that you use VPN options to give more security for Clarent-command connections.
Characteristics:
•
Internet Protocol(s): UDP
•
Port Numbers(s): 5001, 5002
Clarent-Gateway
Clarent Corporation supplies IP telephone technology to mainstream carriers and service providers.
Clarent products allow voice-over-IP between Clarent gateways across the Internet. This policy gives
support to the Clarent v3.0 product and later.
Clarent products use two sets of ports, one for gateway-to-gateway communications (UDP ports 4040,
4045, and 5010) and one for gateway-to-command center communications (UDP ports 5001 and
5002). Use the Clarent-command policy for the gateway-to-command center communications.
Allow incoming connections only from specified external gateways to your gateway or command
center.
Clarent also gives support for the use of PCAnywhere for management. Refer to the PCAnywhere policy
notes for more information.
The Clarent-gateway policy could put network security at risk because it allows traffic inside the
firewall based only on network address. This is not a trusted method of authentication. In addition,
your Clarent server could receive denial-of-service attacks in this configuration. Where possible, we
recommend that you use VPN options to give more security for Clarent-gateway connections.
Characteristics
•
Internet Protocol(s): UDP
•
Port Number(s): 4040, 4045, 5010