Intertex Data AB, Sweden


1 Intertex Data AB, Sweden
Firewall and NAT Traversal: Bringing SIP to the LAN
Prepared for: International SIP 2003
By: Karl Erik Ståhl, President, Intertex Data AB; Chairman, Ingate Systems AB
© 2003 Intertex Data AB

2 Is there a next big step in Internet usage?
World Wide Web
Will there be Real Time Communication Person-to-Person?

3 VoIP as we have seen it…
Remember how it started in 95?
[Diagram labels: Internet, PC, "Wanna talk to me?"]
Now it is coming back in a most useful form!

4 VoIP as we have seen it…
[Diagram labels: Gateway, Internet, STO, LA]
Then this service was offered to end users?
Nowadays long distance VoIP minutes are bought by the established telcos. Your normal international calls often run over the public Internet!

5 VoIP as we have seen it…
[Diagram labels: PSTN, Internet, VPN, US Gateway, Europe Gateway, IP]
VoIP between branch offices - But NOT globally to others!

6 VoIP as we see it…
[Diagram labels: PSTN, SOFT SWITCH, Internet, FW]
MGCP often used to phones
Phones get locked to operator

7 Hmm, didn’t we pass this stage…
[Diagram labels: PSTN, Organization 1, system 1, Organization 2, system 2, fax, printer]
Paper was a very compatible media - So is POTS today… But we need to move beyond!

8 What about universal connectivity?
[Diagram labels: PSTN, RJ11, Black Phone, RJ45, LAN, Intranet, Internet, IP Phone]
Wouldn’t that be fine?

9 Is black telephony all we want?
“We need QoS of PSTN…” 3 kHz bandwidth?
Video?
Presence? draft-ietf-simple-presence-07.txt
Instant Messaging? RFC3428, December 2002
And more…

10 Is the protocol part of the game?
SMTP Created
HTTP Created the Web
SIP Can Create IP Communication Person-to-Person!

11 Microsoft is pushing – New RTC is SIP-based
Voice & Video (XP)
Windows Messenger 4.6 and later has SIP-mode
Presence & IM
Dial to phone
Rich SIP APIs
.NET Server will include SIP server, with API (3Q2)
Applications will arise
Tens of millions of RTC (SIP) users within a year

12 Let SIP clients talk to each other!
Connect to PSTN when required!
[Diagram labels: Internet, PSTN, SIP/PSTN Gateway, SIP Server, XP, PIM, IP Phone, Home LAN, Business LAN, IAP]

13 But there is a problem…
Status until recently: SIP is the Protocol for IP Communication Person-to-Person, BUT IT DOES NOT REACH THE EDGE!
Firewall/NAT problems!
[Diagram labels: IP Phone, PSTN, SIP/PSTN Gateway, Internet, Home LAN, Business LAN, SIP Server, IAP, XP, PIM, DSL, Cable, MTU, Operator network with NAT, NAT, Firewall/NAT]

14 What is the difference?
Typical Internet protocol (SMTP, HTTP…) [Diagram labels: Internet, HOST, SERVER]
SIP (and H.323…) connects person-to-person [Diagram labels: Internet, PERSON]
Locate the person - Set up a session - Open real time media streams

15 SIP Firewall Problems
Firewall Problems:
Sessions initiated from outside the firewall - OK, open port 5060, but…
Media streams on dynamically allocated port numbers - Ooops…!
Even with public IP addresses inside

16 SIP NAT/PAT Problems
NAT & PAT Problems:
Where is the device? - Registration/location function
Private IP addresses and ports in SIP messages - Rewrite with globally routable addresses
IP address and port of media stream has to be modified - NAT engine has to be dynamically controlled
Worse with private IP addresses inside
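
Added example (not part of the original presentation): the rewriting that slides 15 and 16 describe, as a SIP-aware NAT would apply it to an outbound INVITE, replacing the private address in the Via, Contact and SDP lines and recording which media pinholes to open. The function name, the port allocator, the addresses and the sample INVITE are all constructed for illustration.

```python
import re

def traverse_outbound(msg, inside_ip, public_ip, alloc_port):
    """Rewrite an outbound SIP message the way a SIP-aware NAT has to.

    Returns (message, pinholes); pinholes maps each allocated public UDP
    port to the inside (ip, port) that incoming media is forwarded to.
    """
    head, _, body = msg.partition("\r\n\r\n")
    inside = re.compile(rf"(?<![\d.]){re.escape(inside_ip)}(?!\d)")
    pinholes = {}

    def fix_media(m):  # m=<media> <port> ...: the dynamically chosen RTP port
        public_port = alloc_port()
        pinholes[public_port] = (inside_ip, int(m.group(2)))
        return f"m={m.group(1)} {public_port} "

    # SDP body: media ports in m= lines, addresses in o= and c= lines.
    body = re.sub(r"^m=(\w+) (\d+) ", fix_media, body, flags=re.M)
    body = "\r\n".join(inside.sub(public_ip, l) if l[:2] in ("o=", "c=") else l
                       for l in body.split("\r\n"))
    lines = []
    for line in head.split("\r\n"):
        name = line.split(":", 1)[0].strip().lower()
        if name in ("via", "contact"):  # addresses the far end replies to
            line = inside.sub(public_ip, line)
        elif name == "content-length":  # body changed size: recompute
            line = f"Content-Length: {len(body.encode())}"
        lines.append(line)
    return "\r\n".join(lines) + "\r\n\r\n" + body, pinholes

# Constructed INVITE from a phone at 192.168.1.20 (sample data, not a capture).
SAMPLE_INVITE = "\r\n".join([
    "INVITE sip:bob@example.com SIP/2.0",
    "Via: SIP/2.0/UDP 192.168.1.20:5060;branch=z9hG4bK776asdhds",
    "From: <sip:alice@example.org>;tag=1928301774",
    "To: <sip:bob@example.com>",
    "Call-ID: a84b4c76e66710", "CSeq: 1 INVITE",
    "Contact: <sip:alice@192.168.1.20:5060>",
    "Content-Type: application/sdp", "Content-Length: 138", "",
    "v=0", "o=alice 2890844526 2890844526 IN IP4 192.168.1.20", "s=-",
    "c=IN IP4 192.168.1.20", "t=0 0",
    "m=audio 49170 RTP/AVP 0", "a=rtpmap:0 PCMU/8000", ""])

if __name__ == "__main__":
    ports = iter(range(40000, 40100))  # hypothetical public port pool
    out, holes = traverse_outbound(SAMPLE_INVITE, "192.168.1.20",
                                   "203.0.113.5", lambda: next(ports))
    print(out, holes, sep="\n")
```

The rewrite only works on signalling the device can read, which is the limitation slide 17 records for the SIP ALG approach as "TLS not possible".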

17 Suggested Solutions
Dynamically controlled Firewall/NATs
Midcom: By Firewall Control Proxy [Dynamicsoft…]
UPnP: By the client (Windows) [Microsoft]
SIP aware Firewall/NATs (SIP Proxy + Registrar) [Intertex (SOHO), Ingate (enterprise), …]
SIP aware Firewall/NATs (SIP ALG) [Cisco,… TLS not possible]
Making SIP NAT friendly - Drafts in progress:
draft-ietf-sipping-nat-scenarios-00.txt
draft-ietf-midcom-stun-02.txt
draft-ietf-sip-nat-02.txt
draft-ietf-sip-symmetric-response-00.txt

18 Adding SIP Support to a Firewall
Important components:
Firewall & NAT: Dynamic Firewall Engine
SIP Proxy: SIP Proxy Server, controlling the firewall
Firewall Control Protocol: Communication between SIP Proxy and firewall
User Location: SIP Registrar, user location information

19 SIP Enabling the Private Networks
Firewall/NAT problems!
Firewall/NAT SIP transparency!
[Diagram labels: IP Phone, SIP Server, PSTN, SIP/PSTN Gateway, Operator network with NAT, Internet, NAT, Firewall/NAT, Enterprise LAN, DSL, Cable, MTU, DMZ, inGate SIParator, inGate Firewall, IX66, Office or home LAN, IAP]

20 Just Another Internet Service…
[Diagram labels: PSTN, SIP/PSTN Gateway, Internet, IX66, IAP, Home LAN, SOHO LAN, XP, Helsinki, Intertex Stockholm LAN, Sweden, Enterprise LAN, inGate Firewall, DMZ, inGate SIParator, Ingate Linköping LAN, Home User USA, DNS SRV]

21 IP Communications Using IP Networks
[Diagram labels: …other…, IM, Conf, Vmail, OSS, SIP Server, SIP Routing, IN Dialing Plans, Global IP Comm, WorldCom Public IP Network, Network GWY, SIP Phone, Firewall, Router, Intranet IP Comm, IP VPN, Enterprise Gateway, Managed Services, Customer Premises, WorldCom PSTN, PBX, PSTN Phone]
Many call routing options:
Private/Public IP address
DNS and DNS SRV records
SIP aware NAT/PAT servers
Henry Sinnreich 4/10/2002
Intranet IP VPN with IP communications
Domestic and global IP communications
PBX and PSTN – E.164 resolution

22 IP Communications Using IP Networks
No IP PBX Needed!
Enhanced Functionality
Integration with existing phones
Ingate and Intertex First through SIT
[Diagram labels: …other…, IM, Conf, Vmail, OSS, Enterprise LAN, SIP Capable Firewall, SIP Server, SIP Routing, IN Dialing Plans, Global IP Comm, WorldCom Public IP Network, Network GWY, SIP Phone, Firewall, Router, Intranet IP Comm, IP VPN, Enterprise Gateway, Customer Premises, Managed Services, WorldCom PSTN, PBX, PSTN Phone]

23 Product Examples – Ingate Systems AB
Enterprise Products
A Complete Firewall
An add-on to an Existing Firewall
[Diagram labels: DMZ, Existing Firewall, Firewall 1400, SIParator 40]
Firewall & NAT/PAT
SIP Proxy
SIP Registrar

24 Product Examples – Intertex Data AB
SOHO Products
IX66 Internet Gate with or without ADSL modem built-in
OEM as: Telia SurfinBird Gate, PowerBit SafeGate
Review at:

25 The Intertex IX66 Internet Gate
A closer look
Firewall & NAT/PAT Router
SIP Proxy and Registrar
DHCP Server and Client
WEB Server for configuration
Smart Card Reader for security applications
Optional b Wireless Lan
SIP Appliance Control, LAC via expansion port
Optional ADSL and Splitter Built-in

26 SIP-capable firewalls!
Intertex Data AB, Rissneleden 45, SE Sundbyberg, Sweden, VD Karl Erik Ståhl, Tel
Ingate Systems AB, Box 10013, Slakthusplan 4, SE Stockholm, Sweden, VD Olle Westerberg, Tel

