ACL to permit a voip call

From: William Chen (kwchen@netvigator.com)
Date: Wed Feb 11 2004 - 21:46:26 GMT-3


Dear all,

   For example, if I have the following scenario, and I have to set up an
outbound ACL to only permit the voice call.

------ Start -----------
   L0:192.168.1.1                                    L0:192.168.2.2
        |                                                  |
    R1 (E0: 192.168.10.1/24) -------------------- (E0: 192.168.10.2) R2

    The configuration of R1:
     !
     dial-peer voice 1 voip
       destination-pattern 2222
       session target ipv4:192.168.2.2
     !

     The outbound ACL applied at R1:
     ! Part One
     access-list 101 permit tcp host 192.168.10.1 host 192.168.2.2 eq 1720
     ! Part Two
     access-list 101 permit tcp host 192.168.10.1 host 192.168.10.2 eq 1720
     access-list 101 permit tcp host 192.168.10.1 eq 1720 host 192.168.10.2
     ! Part Three
     access-list 101 permit udp host 192.168.10.1 host 192.168.10.2 range 16384 32767
--------- End ------------

     Part One is for the call setup (H.323) and Part Three is for the voice
data. Why do we need Part Two?

     I made this scenario according to Lab 10 of Practical Studies Volume
2, and I don't have a real phone to test the above setting. Please help.

Best Regards,
William Chen
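
To see which traffic each entry of access-list 101 matches, the following added example (not part of the original post) models the ACL's first-match logic and implicit deny in Python and evaluates a few constructed flows. The function names and the sample port numbers 11000 and 16500 are assumptions made for illustration; the ACL text is the one from the post.

```python
# Added example: first-match evaluation of the posted ACL 101.
ACL_101 = """\
access-list 101 permit tcp host 192.168.10.1 host 192.168.2.2 eq 1720
access-list 101 permit tcp host 192.168.10.1 host 192.168.10.2 eq 1720
access-list 101 permit tcp host 192.168.10.1 eq 1720 host 192.168.10.2
access-list 101 permit udp host 192.168.10.1 host 192.168.10.2 range 16384 32767
"""

def _endpoint(tok):
    """Consume 'host A.B.C.D [eq N | range LO HI]' and return (ip, lo, hi)."""
    if tok.pop(0) != "host":
        raise ValueError("only 'host' address form is handled here")
    ip, lo, hi = tok.pop(0), 0, 65535          # no port keyword = any port
    if tok and tok[0] == "eq":
        tok.pop(0)
        lo = hi = int(tok.pop(0))
    elif tok and tok[0] == "range":
        tok.pop(0)
        lo, hi = int(tok.pop(0)), int(tok.pop(0))
    return ip, lo, hi

def parse_acl(text):
    """Return a list of (action, proto, src, dst) in configured order."""
    entries = []
    for line in text.splitlines():
        tok = line.split()
        if tok[:1] != ["access-list"]:
            continue                            # skip '!' comments and blanks
        action, proto, rest = tok[2], tok[3], tok[4:]
        entries.append((action, proto, _endpoint(rest), _endpoint(rest)))
    return entries

def evaluate(entries, proto, sip, sport, dip, dport):
    """First matching entry wins; returns (action, 1-based entry number)."""
    for n, (action, p, (s, slo, shi), (d, dlo, dhi)) in enumerate(entries, 1):
        if (p == proto and s == sip and d == dip
                and slo <= sport <= shi and dlo <= dport <= dhi):
            return action, n
    return "deny", None                         # implicit deny ends every ACL

if __name__ == "__main__":
    acl = parse_acl(ACL_101)
    flows = [                                   # constructed sample packets
        ("tcp", "192.168.10.1", 11000, "192.168.2.2", 1720),   # setup to L0
        ("tcp", "192.168.10.1", 11000, "192.168.10.2", 1720),  # setup to E0
        ("tcp", "192.168.10.1", 1720, "192.168.10.2", 11000),  # R1 answering
        ("udp", "192.168.10.1", 16500, "192.168.10.2", 16500), # voice to E0
        ("udp", "192.168.10.1", 16500, "192.168.2.2", 16500),  # voice to L0
    ]
    for f in flows:
        print(f, "->", evaluate(acl, *f))
```

Entry numbers in the output follow the configured order: 1 is Part One, 2 and 3 are Part Two, 4 is Part Three.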



This archive was generated by hypermail 2.1.4 : Fri Mar 05 2004 - 07:13:48 GMT-3