Welcome to ISAserver.org

voip setting Script for Vonage vt1000v

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2000 Firewall] >> SecureNAT Client >> voip setting Script for Vonage vt1000v

Page: [1]

Message

<< Older Topic Newer Topic >>

voip setting Script for Vonage vt1000v - 31.Dec.2003 4:24:00 AM

smarisetty

Posts: 36
Joined: 11.Jun.2001
From: Santa Clara, CA, USA
Status: offline

HI,

Having done some experiments, have the following VBScript working for me. The attached script makes all the necessary settings. I have only opened up UDP 10000 and 11600 only from the 10-20K range. I snooped the network traffic with NetMon and saw that only these two UDP's were used for audio. The other ports 5060-5063, 69 and 123 were enabled as well.

To run the script, copy the following into a file with notepad.exe and name it something like vt1000vadd.vbs. From the Windows:Start run this file and it will setup the ports as needed. If you want to undo the changes, copy the second script into a file named vt1000vdel.vbs. Run this from windows and it will undo. Hope this solves problems for many people.

----------- copy from here into vt1000vadd.vbs--------
Sub vt1000vadd

'Enabling UDP ports for Vonage vt1000v ATA
' UDP In: {69,123,5060,5061,5062,5063,10000,11600}
' UDP Out: {69,123,5060,5061,5062,5063,10000,11600}

Const prxInbound = 0
Const prxOutbound = 1
Const prxSpecifiedProtocol = 1
Const prxFwSrvSvc = 0
Const prxAllServices = 2
Const prxTCP = 0
Const prxUDP = 1

'Initialize the Internal/External IP
Const IntIp="192.168.16.54"
Const ExtIp="63.198.196.228"
Const UdpRangeCnt=7

Dim objFPC, objArray, objSPR, ObjPD, ojbPR, MyProtDef, MyProt, myCnt
Dim UdpIn(7), UdpOut(7)

'Ports for RTP media streams-audio: Primary
UdpIn(0)=10000
UdpOut(0)=10000

UdpIn(1)=11600
UdpOut(1)=11600

' Ports for Handshaking - ring control
UdpIn(2)=5060
UdpOut(2)=5060

UdpIn(3)=5061
UdpOut(3)=5061

UdpIn(4)=5062
UdpOut(4)=5062

UdpIn(5)=5063
UdpOut(5)=5063

' Ports time
UdpIn(6)=123
UdpOut(6)=123

' Ports for tftp
UdpIn(7)=69
UdpOut(7)=69

'Create the root object
Set objFPC = CreateObject ("FPC.Root")

'Make sure it's current data
objFPC.Refresh

'Find where we live
Set objArray = objFPC.Arrays.GetContainingArray

'Create a new protocol rule now to cover all UDP outbound protocol defs
Set objPR=objArray.ArrayPolicy.ProtocolRules.Add("zVoipUdpEnable")
objPR.Description = "Enable UDP for vt1000v VOIP"
objPR.Enabled=True
objPR.Action=fpcActionAllow
objPR.ProtocolSelectionMethod = prxSpecifiedProtocol
objPR.SetAppliesAlways

'Create a protocol definitions, Server Publishing Rule
For myCnt=0 to UdpRangeCnt Step 1
'Inbound UDP
Set objPD = objArray.PolicyElements.ProtocolDefinitions.AddUdp("zUdpIn"&UdpIn(myCnt), prxInbound, UdpIn(myCnt))
objPD.Description = "UDP"&UdpIn(myCnt)&" forwarding to vt1000v"
'Save the changes
objPD.Save

'Outbound UDP
Set objPD = objArray.PolicyElements.ProtocolDefinitions.AddUdp("zzUdpOut"&UdpOut(myCnt), prxOutbound, UdpOut(myCnt))
objPD.Description = "Outbound UDP "&UdpOut(myCnt)&" enabling for vt1000v"
'Save the changes
ObjPD.Save

'Publishing Rule to forward the Inbound UDP port
Set objSPR = objArray.Publishing.ServerPublishingRules.Add("zUdpFwd"&UdpIn(myCnt))
'Configure Server Publishing rule
objSPR.Description = "UDP"&UdpIn(myCnt) &" forwarding to vt1000v"
objSPR.InternalIp = IntIp
objSPR.ExternalIp = ExtIp
objSPR.SetProtocol("zUdpIn"&UdpIn(myCnt))
objSPR.Save

' add all UdpOut's to the Procotol Policy rule
objPR.SpecifiedProtocols.Add("zzUdpOut"&UdpOut(myCnt))
objPR.Save
NEXT

objSPR.Refresh
objPD.Refresh
objPR.Refresh
objFPC.Refresh
objArray.SendRestartNotification(prxFwSrvSvc)

' Finally done doing it all
MsgBox ("done add - restarting server")

' release the objects
Set objFPC = Nothing
Set objPD=Nothing
Set objSPR=Nothing
Set objArray=Nothing
Set objPR=Nothing

End Sub
vt1000vadd
----------- copy til here ----------------------------------

------------ copy from here into vt1000vdel.vbs--------
Sub vt1000vdel

'Deleting UDP ports for Vonage vt1000v ATA
' UDP In: {69,123,5060,5061,5062,5063,10000,11600}
' UDP Out: {69,123,5060,5061,5062,5063,10000,11600}

Const prxInbound = 0
Const prxOutbound = 1
Const prxSpecifiedProtocol = 1
Const prxFwSrvSvc = 0
Const prxAllServices = 2
Const prxTCP = 0
Const prxUDP = 1

'Initialize the Internal/External IP
Const IntIp="192.168.16.54"
Const ExtIp="63.198.196.228"
Const UdpRangeCnt=7

Dim objFPC, objArray, objSPR, ObjPD, ojbPR, MyProtDef, MyProt, myCnt
Dim UdpIn(7), UdpOut(7)

'Ports for RTP media streams-audio: Primary
UdpIn(0)=10000
UdpOut(0)=10000

UdpIn(1)=11600
UdpOut(1)=11600

' Ports for Handshaking - ring control
UdpIn(2)=5060
UdpOut(2)=5060

UdpIn(3)=5061
UdpOut(3)=5061

UdpIn(4)=5062
UdpOut(4)=5062

UdpIn(5)=5063
UdpOut(5)=5063

' Ports time
UdpIn(6)=123
UdpOut(6)=123

' Ports for tftp
UdpIn(7)=69
UdpOut(7)=69

'Create the root object
Set objFPC = CreateObject ("FPC.Root")

'Make sure it's current data
objFPC.Refresh

'Find where we live
Set objArray = objFPC.Arrays.GetContainingArray
Set objPD = objArray.PolicyElements.ProtocolDefinitions
Set objSPR = objArray.Publishing.ServerPublishingRules
Set objPR=objArray.ArrayPolicy.ProtocolRules

'Delete Access Policy for Vt1000v
objArray.ArrayPolicy.ProtocolRules.Remove("zVoipUdpEnable")
objPR.Save
' **** done delete of only one protocol rule

For myCnt=0 to UdpRangeCnt Step 1

'Delete Server Publishing Rules
objArray.Publishing.ServerPublishingRules.Remove("zUdpFwd"&UdpIn(myCnt))
objSPR.Save
'**** done delete publishing rules

'Delete a protocol definitions for Inbound
objArray.PolicyElements.ProtocolDefinitions.Remove("zUdpIn"&UdpIn(myCnt))
objPD.Save

'Delete a protocol definitions for Outbound
objArray.PolicyElements.ProtocolDefinitions.Remove("zzUdpOut"&UdpOut(myCnt))
ObjPD.Save
' **** done delete protocol definitions
NEXT

MsgBox ("done delete - restarting firewall service")
objFPC.Refresh
objArray.SendRestartNotification(prxFwSrvSvc)
Set objFPC = Nothing
Set objPD=Nothing
Set objSPR=Nothing
Set objArray=Nothing
Set objPR=Nothing

End Sub
vt1000vdel

------------- copy til here ---------------------------------

Post #: 1

Featured Links*

RE: voip setting Script for Vonage vt1000v - 31.Dec.2003 4:33:00 AM

smarisetty

Posts: 36
Joined: 11.Jun.2001
From: Santa Clara, CA, USA
Status: offline

Hi Tom,

Here is the url to an updated VBScript:
http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=8;t=000586

(in reply to smarisetty)

Post #: 2

RE: voip setting Script for Vonage vt1000v - 31.Dec.2003 7:32:00 AM

smarisetty

Posts: 36
Joined: 11.Jun.2001
From: Santa Clara, CA, USA
Status: offline

In all my excitement, I forgot to add the following notes to the above:

Change the Internal/External IP address as per your system needs.
In the DHCP Configuration of ISA, reserve a fixed IP address for vt1000v (tied to its mac address) as ex: 192.168.16.54.

Also, change the script to replace the External IP value to that of your public IP (don't use mine).

DISCLAIMER: Use at your own risk and is provided as a helper guide only. Feel free to modify/change/distribute it at will.

[Razz]

(in reply to smarisetty)

Post #: 3

RE: voip setting Script for Vonage vt1000v - 22.Jan.2004 12:54:00 AM

Guest

How would a person go about modifying this script for an Enterprise Policy? Thanks!

(in reply to smarisetty)

Post #: 4

RE: voip setting Script for Vonage vt1000v - 16.Jun.2004 9:52:00 PM

hagb13

Posts: 1
Joined: 31.May2004
From: Mexico
Status: offline

I can not make it work. Can you give more instructions?

Thank you in advance! [Smile]

(in reply to smarisetty)

Post #: 5

RE: voip setting Script for Vonage vt1000v - 15.Oct.2004 3:17:00 AM

cmpenney

Posts: 2
Joined: 29.Aug.2003
Status: offline

How would you setup the script if the External interface is DHCPed?

(in reply to smarisetty)

Post #: 6

RE: voip setting Script for Vonage vt1000v - 14.Jun.2005 2:55:00 PM

cybersmith

Posts: 69
Joined: 21.Jul.2003
From: Michigan
Status: offline

I realize this is an older post, but I want to understand why it was setup to create a different protocol definition and server publishing rule for each port?

Was there a problem with setting up a single protocol (well, two if you do one for inbound and one for outbound) with ALL of the designated protocols?? If this was a problem, why?

(in reply to smarisetty)

Post #: 7