Got it
Huawei Enterprise Support Community
Community Forums Intelligent Collaboration
How do I configure firewa...

How do I configure firewall ports?

624 0 0 0 0
View the author 1#

Q: How do I configure firewall ports?

A: Enable ports on the firewall according to the port plan. Perform port mapping on the extranet firewall, configure ACL rules on the firewall to allow traffic from specified ports to pass through, and map destination ports to the DMZ or servers in the intranet.  Do not perform NAT on the intranet firewall. Configure only ACL rules and routing to ensure that there are reachable routes between the intranet and the DMZ.

Extranet Terminal Access Network

eSpace Desktop and eSpace Mobile can be connected to the EC system from the extranet. The following figure shows the network.

114724cb3fyathbb6bnetp.png

The following describes principles for deploying servers:

l  The mobile access agent (MAA) and Meeting MS can be deployed in both the demilitarized zone (DMZ) and the intranet. Extranet users can use servers deployed in the DMZ, while intranet users can use servers deployed in the intranet.

l  The U1900, eSight, eServer, Business Management Unit (BMU), and AppAgent are deployed only in the intranet.

l  The session border controller (SBC) is deployed in the DMZ and provides the following functions:

       Signaling proxy

The SBC functions as the registration proxy gateway that registers UC terminals with the SIP server.

       Media aggregation

When the route between a UC terminal and a server or between two UC terminals is unreachable, the SBC is required for media aggregation to set up calls.

The following describes the principles for connecting terminals from an extranet:

l  Extranet eSpace Mobile access: First connects to the MAA in the DMZ through the extranet firewall. The eSpace Mobile then logs in to the eServer in the intranet using the MAA through the intranet firewall. After the successful login, the eSpace Mobile registers with the U1900 in the intranet through the SBC in the DMZ.

l  Extranet eSpace Desktop access: Directly logs in to the eServer through the intranet and extranet firewalls. After the successful login, the eSpace Mobile registers with the U1900 in the intranet through the SBC in the DMZ.

More Information

For more information, see "Configuring Extranet Access of Terminals" in the  eSpace EC V300R001 Product Documentation.

 

Like (0) Dislike (0) Favorite(0) Share Report
Previous: How can I locate common faults in the terminal extranet access scenario
Next: Console connection to PBX (First connection)
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.