Filter
Top Products
TANDBERG Border Controller User Manual
3.6 Firewall Traversal
The Border Controller works with the TANDBERG Gatekeeper, TANDBERG Expressway end-
points and other endpoints which support the ITU H.460.18 and H.460.19 standards. In order
to successfully traverse a firewall, the firewall is required to allow initial outbound traffic to des-
ignated ports on the border controller and return traffic from those ports. The ports used are
configurablea and by default are:
• UDP/1719
• TCP/1720
• TCP/2776
• TCP/2777
• UDP/2776
• UDP/2777
Non traversal calls — calls to the public internet — send traffic to ports determined by the
receiving endpoint and from ports. Traffic is sent from UDP ports 1719 and 50,000–51,000 and
TCP ports 15,000–24,000
Having the firewall only accept incoming data from the IP address and port to which data has
already been sent allows you to maintain a secure network behind the firewall: unsolicited
incoming data will not be accepted.
You are recommended to turn off any H.323 traversal features on the firewall: these are not
needed in conjunction with the Expressway solution and may interfere with its operation.
The Gatekeeper identifies itself to the Border Controller with its Traversal Zone Name which may
be determined with the command:
xConfiguration Zones TraversalZone Name
or using the Gatekeeper’s web interface on the System Configuration → Misc page.
Up to 50 Gatekeepers may register with the Border Controller. Each is identified with a unique
Traversal Zone Name which is set with the command:
xConfiguration Zones TraversalZone [1..50 ] Name: name
or using the Borde r Controller’s web interface on the Border Controller Configuration → Traver-
salZones page.
13