| Summary: | 碩士 === 國立中央大學 === 資訊工程研究所 === 91 === Application layer signaling protocols such as SIP (Session Initiation Protocol) are usually broken, en-route by firewalls and NATs. Getting SIP packets through firewalls is a popular topic and there are a large amount of solutions developed to solve it. The ALG (Application Layer Gateway), MIDCOM (Middlebox Communication) and B2BUAWM (Back to Back User Agent with Media) are the most workable solutions for it, however, those solutions results some more problems that make the firewall be not independent, performance decrease or the security mechanism not complete. To solve those problems and to enhance the SIP to be used in the firewall environment, we try to design a coordinate module. In our coordinate module approach, a traditional firewall is cooperated with a SIP aware firewall. By setup the forwarding rules of traditional firewall, we can separate the traffic into two firewalls that makes both firewall work independently. In addition, we perform an authentication mechanism such as a login scheme to complete the security. Finally, we implement our coordinate module and show how it works.
|
|---|
