most firewall and router has ALG(Application Layer Gateway) option. Cisco, Juniper, Vyatta(VyOS) and so on.
this feature has could pass RTP packet in NAT network changing H.245 message.
Cisco ASA call this Inspection, Juniper call this H323 ALG and Vyatta(VyOS) call this Conntrack.
refer the provider's configuration guide.
this is Vyatta(VyOS)'s config guide.
It applied on your virtual router default.
but you want to off this option, input this command.
set system conntrack modules h323 disable
commit
reference document
https://community.brocade.com/dtscp75322/attachments/dtscp75322/SoftwareNetworking/14/1/Vyatta_Firewall_Best_Practices.pdf
Good luck!
No comments:
Post a Comment