<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.6000.16890" name=GENERATOR></HEAD>
<BODY style="MARGIN: 4px 4px 1px; FONT: 10pt Tahoma">
<DIV dir=ltr align=left><SPAN class=939441014-27102009>Does the Checkpoint
support layer 7 SIP inspection? The firewall is going to need to be able
to read the SIP messages to figure out which UDP ports to open up for RTP
(audio). RTP uses UDP/1024-65536 typically, so you will either have
to open all of those ports, or make sure your firewall has SIP
inspection.</SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=939441014-27102009></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=939441014-27102009>The ASA does support
SIP inspection. I would recommend that firewall. We are
using Cisco's Zone-Based IOS Firewall on one of our routers and the SIP
inspection is buggy and does not work well at all. I will be
replacing with an ASA soon. </SPAN></DIV><BR>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<B>From:</B> cisco-voip-bounces@puck.nether.net
[mailto:cisco-voip-bounces@puck.nether.net] <B>On Behalf Of </B>STEVEN
CASPER<BR><B>Sent:</B> Sunday, October 25, 2009 10:32 AM<BR><B>To:</B>
cisco-voip voyp list<BR><B>Subject:</B> [cisco-voip] SIP Trunking and Checkpoint
Firewall<BR><BR></DIV>
<DIV></DIV>
<DIV>We have successfully installed and tested SIP trunking from Verizon and we
are now trying to run the product behind a Checkpoint firewall. So far we have
not having any luck despite installing patches from Checkpoint. </DIV>
<DIV> </DIV>
<DIV> Inbound calls do not complete though I see signaling exchange.
On an outbound call the call completes but there is no audio in either direction
It appears that Verizon dynamically changes ports and address during call set up
and the Checkpoint can not adapt. Has anyone been successful running IP trunking
through a Checkpoint or any other firewall. Thinking we may give an ASA a
try.</DIV>
<DIV> </DIV>
<DIV>Steve</DIV><PRE>************************************
This email may contain privileged and/or confidential information that is intended solely for the use of the addressee. If you are not the intended recipient or entity, you are strictly prohibited from disclosing, copying, distributing or using any of the information contained in the transmission. If you received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. This communication may contain nonpublic personal information about consumers subject to the restrictions of the Gramm-Leach-Bliley Act and the Sarbanes-Oxley Act. You may not directly or indirectly reuse or disclose such information for any purpose other than to provide the services for which you are receiving the information.
There are risks associated with the use of electronic transmission. The sender of this information does not control the method of transmittal or service providers and assumes no duty or obligation for the security, receipt, or third party interception of this transmission.
************************************
</PRE></BODY></HTML>
<pre></PRE><P>Confidentiality: The information in this electronic mail may contain confidential, sensitive and/or protected health information intended only for the addressee(s). Any other person, including anyone who believes he/she might have received it due to an addressing error, is requested to notify this sender immediately by return e-mail, and shall delete it without further reading and retention. The information shall not be forwarded or shared unless in compliance with MMIC policies on confidentiality, and/or the written permission of this sender.
</P>