Sie zeigen eine alte Version dieser Seite an. Zeigen Sie die aktuelle Version an.

Unterschiede anzeigen Seitenhistorie anzeigen

« Vorherige Version anzeigen Version 4 Nächste Version anzeigen »


Description:

This document shows you how to set up the QoS rules in a LANCOM router firewall in order for them to operate with the settings recommended for VoIP connections.


Requirements:


Procedure:

The firewall settings described here depend on the following:
  • The Diff-Serv flag generated by the VoIP application (generally EF)
  • Which codec is used, as this determines the guaranteed bandwidth (compressed or uncompressed)
  • The ports (usually port 5060 for SIP signaling)

In order for the QoS to work properly, it is important that the bandwidth values made available by the provider are specified on the Internet connection, otherwise the mechanism has no reference values!



1) Firewall rule 1:

The first firewall rule reserves bandwidth for the SIP signaling:

1.1) In LANconfig, open the configuration dialog for the LANCOM router and switch to the menu item Configuration -> Firewall/QoS -> IPv4 rules -> Rules.



1.2) Enter a name for the firewall rule.



1.3) The action must be set to the action object ACCEPT.



1.4) On the QoS tab you need to add a custom QoS action.



1.5) Configure a guaranteed minimum bandwidth of 1 kbps per session.



1.6) On the Stations tab set the Connection source and Connection destination to all stations.



1.7) On the Services tab, under Target services you add a new service object for the SIP service.

On the General tab, give the new service object a name.



1.8) On the Services tab, select the option Custom protocols -> Edit custom protocols...

1.9) In the Ports field, enter the ports 5060 and 5061 separated by a comma.



1.10) The new service object is entered in the List of target services. Finish the configuration of the first firewall rule with OK.





2) Firewall rule 2:

The second firewall rule prioritizes the RTP data. Your IP phones must be set so that the RTP data is marked with the EF flag.
Note:
    This is a presetting for many IP phones. However, just to be on the safe side you should check the configuration of your phones.

2.1) In the Firewall objects section, click the button Action objects and add a new action object in the dialog that follows.




2.2) On the General tab, give the action a descriptive name. On the Actions tab, click Add.



2.3) Enable the option for DiffServ-CP and select the flag EF . Close the dialog with OK.



2.4) In the Firewall objects section, click the button QoS objects and add a new QoS object in the dialog that follows.



2.5) On the General tab, give the action a descriptive name. On the Actions tab, click Add.



2.6) Add three QoS conditions. For each of the conditions, enable the option for DiffServ-CP and set the flag to EF.
  • Configure a maximum packet size of 576 bytes for the fragmentation of the other packets.
  • Configure a reduction of the PMTU to 576 bytes.
  • Configure a global minimum bandwidth of 80 kbps per session.




2.7) Confirm your configuration with the OK button.



2.8) Navigate to the menu Configuration -> Firewall/QoS -> IPv4 rules -> Rules and add another firewall rule.



2.9) On the General tab, enter a descriptive name.



2.10) On the Actions tab, select the action object you created in step 2.2.



2.11) On the QoS tab, select the QoS object you created in step 2.4.



2.12) On the Stations tab, set the Connection source and Connection destination to all stations.



2.13) On the Services tab you set the Protocol/source services and Protocol/target services to all protocols/source services.



2.14) Complete the configuration of the second firewall rule with OK and write the configuration back to the LANCOM router.



  • Keine Stichwörter