Presentation is loading. Please wait.

Presentation is loading. Please wait.

Intertex Data AB, Sweden Future of VoIP Networks and Services Edgy Solutions Prepared for:Voice On the Net, Spring 2002 By: Karl Erik Ståhl President Intertex.

Similar presentations


Presentation on theme: "Intertex Data AB, Sweden Future of VoIP Networks and Services Edgy Solutions Prepared for:Voice On the Net, Spring 2002 By: Karl Erik Ståhl President Intertex."— Presentation transcript:

1 Intertex Data AB, Sweden Future of VoIP Networks and Services Edgy Solutions Prepared for:Voice On the Net, Spring 2002 By: Karl Erik Ståhl President Intertex Data AB Chairman Ingate Systems AB karl.stahl@intertex.se © 2002 Intertex Data AB 1

2 2 VoIP as we have seen it… Internet PC Wanna talk to me? Do we want the PC as a phone? Gateway Internet Gateway STO LA Are cheaper phone bills all we want?

3 © 2002 Intertex Data AB 3 VoIP as we have seen it… VoIP between branch offices Gateway PSTN Europe IP Internet VPN US Gateway IP - But NOT globally to others!

4 © 2002 Intertex Data AB 4 Hmm, didn’t we pass this stage… Paper was a very compatible media - So is POTS today… But we need to move beyond! PSTN emai l printer fax Organization 1 Email system 1 emai l Organization 2 Email system 2 fax

5 © 2002 Intertex Data AB 5 Time to Get IP Telephony Out to Edge Wouldn’t that be fine? Black Phone RJ45 LAN Intranet Internet IP Phone PSTN RJ11

6 IAP Firewall/NAT problems! IP Phone SIP Server PSTN SIP /PSTN Gateway Internet Home LAN Business LAN DSL Cable MTU VoIP and SIP Services Out to the Edge Operator network with NAT NAT Firewall NAT XP PIM Status until now: SIP is the Protocol for IP Communication Person-to-Person, BUT IT DOES NOT REACH THE EDGE!

7 © 2002 Intertex Data AB 7 Product Examples – Ingate Systems AB A Complete Firewall An add-on to an Existing Firewall DMZ Existing Firewall  Firewall & NAT/PAT  SIP Proxy  SIP Registrar Enterprise Products Firewall 1400SIParator 40

8 © 2002 Intertex Data AB 8 Product Examples – Intertex Data AB IX66 Internet Gate with or without ADSL modem built-in OEM as: Telia SurfinBird Gate PowerBit SafeGate Review at: www.adslguide.org.uk/hardware/reviews/2002/q1/intertex_ix66-edflc.asp SOHO Products

9 Firewall/NAT problems! Firewall/NAT SIP transparency! IP Phone SIP Server PSTN SIP /PSTN Gateway Operator network with NAT Internet Home LAN NAT Firewall NAT Business LAN DSL Cable MTU DMZ inGate SIParator SIP Enabling the Private Networks inGate Firewall IP Phone IX66 IAP

10 Internet Just Another Internet Service… IX66 IAP Home LAN Enterprise LAN XP inGate Firewall SOHO LAN IX66 XP Seattle PSTN SIP /PSTN Gateway DNS SRV IX66 Intertex Stockholm LAN DMZ inGate SIParator XP Ingate Linköping LAN Sweden (SIP) (Server) Iptel.org IX66 Home User

11 © 2002 Intertex Data AB 11 SIP Preconfigured – Ready to Go! IX66

12 © 2002 Intertex Data AB 12 Use as Your SIP Server – Just Another Click! IX66

13 © 2002 Intertex Data AB 13 Who is Allowed to Register? IX66

14 © 2002 Intertex Data AB 14 Authenticate and Some Features IX66

15 © 2002 Intertex Data AB 15 Dialling Plan and More… IX66 MORE

16 IP Communications Using IP Networks Intranet IP VPN with IP communications Domestic and global IP communications PBX and PSTN – E.164 resolution Customer Premises PBX PSTN Phone Managed Services Router Vmail OSS SIP Phone WorldCom PSTN Dialing Plans Network GWY Conf PSTN Phone IM IN Enterprise Gateway SIP Routing Firewall SIP Server IP VPN Global IP Comm Intranet IP Comm …other… Many call routing options: Private/Public IP address DNS and DNS SRV records SIP aware NAT/PAT servers Henry Sinnreich 4/10/2002 WorldCom Public IP Network

17 IP Communications Using IP Networks PBX PSTN Phone Managed Services Router Vmail OSS SIP Phone WorldCom PSTN Dialing Plans Network GWY Conf PSTN Phone IM IN Enterprise Gateway SIP Routing Firewall SIP Server IP VPN Global IP Comm Intranet IP Comm …other… Integration with existing phones SIP Capable Firewall Ingate and Intertex First through SIT Customer Premises No IP PBX Needed! Enhanced Functionality Enterprise LAN WorldCom Public IP Network

18 © 2002 Intertex Data AB 18 See Intertex and inGate! SIP Capable Firewalls! Ingate Systems AB www.ingate.com Box 10013, Slakthusplan 4 SE-121 26 Stockholm, Sweden CEO Olle Westerberg olle.westerberg@ingate.com Tel +46 8 6007750 Booth #400 Intertex Data AB www.intertex.se Rissneleden 45 SE-174 44 Sundbyberg, Sweden President Karl Erik Ståhl karl.stahl@intertex.se Tel +46 8 6282828

19 © 2002 Intertex Data AB 19 SIP Firewall Problems Firewall Problems: Sessions initiated from outside of the firewall - OK, open port 5060, but… Media streams on dynamically allocated port numbers - Ooops…  ! Even with public IP addresses inside

20 © 2002 Intertex Data AB 20 SIP NAT/PAT Problems NAT & PAT Problems: Where is the device? - Registration/location function Private IP addresses and ports in SIP messages - Rewrite with globally routable addresses IP address and port of media stream has to be modified - NAT engine has to be dynamically controlled Worse with private IP addresses inside

21 © 2002 Intertex Data AB 21 Suggested Solutions Dynamically controlled Firewall/NATs [Aravox, …] Midcom: By Firewall Control Proxy [Dynamicsoft…] uPnP: By the client (Windows) [Microsoft] SIP aware Firewall/NATs (SIP Proxy + Registrar) [Intertex (SOHO), Ingate (enterprise), …] SIP aware Firewall/NATs (SIP ALG) [Cisco: requires location server, TLS not possible] Modifying the SIP protocol, Drafts in progress: draft-rosenberg-sipping-nat-scenarios-00.txt draft-rosenberg-midcom-stun-01.txt draft-ietf-sip-nat-01.txt

22 © 2002 Intertex Data AB 22 Adding SIP Support to a Firewall Important components: Dynamic Firewall Engine SIP Proxy Server, controlling the firewall SIP Registrar, user location information Communication between SIP Proxy and firewall SIP Proxy Firewall & NAT Firewall Control Protocol User Location

23 © 2002 Intertex Data AB 23 NAT Friendly SIP Draft Mods to SIP, SDP, (RTP?). SIGNALING  Route new signalling through this open path  For some NATs, if both parties are behind firewalls, RTP streams must bounce through a server LAN RTP IP Phone Firewall NAT RTP Proxy NAT IP Phone LAN SIP Registrar INTERNET  Use STUN to find out looks from outside STUN Server  Keep registrar NAT path (TCP or UDP) always open by frequent registrations  RTP media streams always start from inside + symmetric RTP SIP clients need upgrade. New servers on the net.

24 © 2002 Intertex Data AB 24 The Intertex IX66 Internet Gate A closer look  Firewall & NAT/PAT  SIP Proxy and Registrar  DHCP Server and Client  WEB Server for configuration  SIP Appliance Control, LAC via expansion port

25 © 2002 Intertex Data AB 25 The Intertex IX66 Internet Gate Goodies  Two Ethernet and one USB port  Expansion port, e.g. for appliance control  Smart Card Reader  Upgradeable Optional ADSL Built-in

26 Internet Appliances Control http://www.argreenhouse.com/iapp/index.shtml

27 © 2002 Intertex Data AB 27 Internet IP Phone DMZ inGate SIParator IP Phone Existing Firewall The Ingate SIParator

28 © 2002 Intertex Data AB 28 The Ingate SIParator Existing Firewall InternetLAN Private IP Addresses SIP traffic (5060 UDP/TCP) RTP traffic (UDP port interval) SIParator RTP Proxy NAT/PAT Engine SIP Proxy DMZ SIP Registrar


Download ppt "Intertex Data AB, Sweden Future of VoIP Networks and Services Edgy Solutions Prepared for:Voice On the Net, Spring 2002 By: Karl Erik Ståhl President Intertex."

Similar presentations


Ads by Google