H.323

H.323 is an international multimedia communications protocol standard published by the International Telecommunications Union (ITU-T) and defines the protocols to provide audio-visual communication sessions on any packet-switched network. H.323 is commonly used in Voice over IP (VoIP) and IP-based videoconferencing.

H.323 uses TCP on port 1720 to negotiate which dynamic port range is to be used between the endpoints when setting up a call. Since opening all ports within the dynamic range would cause a severe security issue, the gateway is able to allow H.323-related traffic on an intelligent basis. This is achieved by means of a special connection tracking helper monitoring the control channel to determine which dynamic ports are being used and then only allowing these ports to pass traffic when the control channel is busy. For that purpose you must specify both an H.323 gatekeeper and a client network definition in order to create appropriate firewall rules enabling the communication via the H.323 protocol.

To enable support for the H.323 protocol, proceed as follows:

  1. On the H.323 tab, enable H.323 protocol support.

    Click the toggle switch.

    The toggle switch turns amber and the Global H.323 Settings area becomes editable.

  2. Make the following settings:

    H.323 Gatekeeper: Add or select an H.323 gatekeeper. An H.323 gatekeeper controls all H.323 clients (endpoints such as Microsoft's NetMeeting) in its zone. More specifically, it acts as a monitor of all H.323 calls within its zone on the LAN. Its most important task is to translate between symbolic alias addresses and IP addresses. How to add a definition is explained on the Definitions & Users > Network Definitions > Network Definitions page.

    H.323 Client: Here you can add or select the host/network to and from which H.323 connections are initiated. An H.323 client is an endpoint in the LAN that participates in real-time, two-way communications with another H.323 client. How to add a definition is explained on the Definitions & Users > Network Definitions > Network Definitions page.

  3. Click Apply.

    Your settings will be saved.

    The toggle switch turns green.

To cancel the configuration, click the amber colored toggle switch.