ClearOne NetPoint Firewall Traversal, Инструкция по установке и настройке, Страница: 13 / 35

NetPoint Firewall Traversal Server: Installation and Setup Manual 13
Firewalls support many different protocols, but they do not specialize in H.323
communications. This may cause variations in the level of support for H.323 among
different vendors’ firewalls. This results in occasional call failures.
NATs also impose obstacles for IP voice and video communications. NATs assign private IP
addresses to workstations and servers located within a private LAN. However, most routing
devices that control the flow of information across the Internet can send data only to
devices with routable or public IP addresses. The addresses of users in NAT-protected
networks are unknown to devices on the public side of the NAT. As a result, the users
behind the NAT cannot receive calls from the public side of the LAN.
NATs also hinder H.323 calls which are dialed out by private LAN users to the public side.
As previously mentioned, the IP address of the sender is embedded in the video and audio
transmissions. If this IP address is not able to be routed, any return transmission will not
penetrate the network protected by the NAT. The user behind the NAT never receives the
public side user’s audio and video.
THE NETPOINT SYSTEM SOLUTION
ClearOne’s NetPoint of products provides connectivity for videoconferencing networks
within organizations that are protected by NAT and firewalls.
P
ERMITTED
N
ETWORK
T
RAFFIC
The NetPoint allows passage by the following types of network traffic:

Gatekeeper registration
 Call setup messages

RTP-based audio and video (as well as data) streams

Collaborate Central Administrator login
 Remote end point/device configuration (from Collaborate Central Administrator)

Neighboring gatekeeper and directory gatekeeper messages (between Collaborate
Central’s or to non-Collaborate Central gatekeepers that are not behind a NetPoint).
H
ARDWARE
C
ONFIGURATIONS
Each proxy configuration may handle up to 100 concurrent video calls.
N
ET
P
OINT
S
UPPORT IN A
F
IREWALL
If a firewall is installed in the organization, the NetPoint requires that you open pinholes
through three specific ports, outward to the public network. You do not have to open any
ports inward, and the firewall does not have to accommodate requests to open random or
dynamic ports. Traffic through the pinholes is directed through NetPoint components only.