Audio-video telephony with firewalls and network address translation

US 8,499,344 B2
Filed: 07/24/2001
Issued: 07/30/2013
Est. Priority Date: 07/28/2000
Status: Active Grant

First Claim

Patent Images

1. A communications system for making a multimedia call, comprising:

a first multimedia terminal configured to communicate using H.323;

a second multimedia terminal configured to communicate using H.323;

a first communication unit, associated with the first multimedia terminal, configured to establish a multimedia call over a shared IP network between said first multimedia terminal and the second multimedia terminal using H.323, said communication unit including a first firewall through which the multimedia call passes, whereinthe first firewall is configured to restrict certain types of communication between the first terminal and the shared IP network,each of the first multimedia terminal and the second multimedia terminal has a number of logical communication ports for transmitting or receiving the multimedia call, including at least one dynamically assigned port; and

a transmitter, associated with the first multimedia terminal is configured to send a request to the second multimedia terminal to open up one or more dynamic ports in the second multimedia terminal;

a proxy server disposed between the first multimedia terminal and the second multimedia terminal that is configured to act as a proxy for the first multimedia terminal and the second multimedia terminal during the multimedia call, whereinthe proxy server has logical communication ports for communication with the first multimedia terminal, including one or more pre-assigned ports for communication with the first multimedia terminal;

the first firewall is configured not to restrict communication between the first multimedia terminal and the one or more pre-assigned ports of the proxy server for communication with the first multimedia terminal, andthe proxy server is configured to receive the request to open up said one or more dynamic ports in the second multimedia terminal via one of the proxy server'"'"'s pre-assigned ports and to modify the request to change a source of the request from a network address of the first multimedia terminal and the at least one dynamically assigned port of the first multimedia terminal to a network address of the proxy server and a pre-assigned port of the proxy server for communication with the second multimedia terminal.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to a communications system (1) for making multimedia calls. The system comprises two multimedia terminals (10,12) and communication means for making a multimedia call over a shared communications network (20), including a firewall (26) through which the multimedia call must pass, and which restricts certain types of communication. Each terminal (10,12) has a number of logical communication ports for the multimedia call, including at least one dynamically assigned port. In the course of setting up the multimedia call, at least one of the terminals (10,12) is adapted to send a request to the other of the terminals to open up one or more of the dynamic ports in the other terminal. The system includes a proxy server (40) between the terminals (10,12) that acts for each terminal as a proxy for the other terminal during the course of the call. The proxy server (40) has logical communication ports for communication with the terminals including one or more pre-assigned ports. The firewall (26) is configured not to restrict communication between one or both terminals (10,12) and the pre-assigned port(s) of the proxy server (40). The proxy server (40) is configured to receive and forward the request(s) to open up said dynamic port(s) via one of its pre-assigned ports.

72 Citations

View as Search Results

21 Claims

1. A communications system for making a multimedia call, comprising:
- a first multimedia terminal configured to communicate using H.323;
  
  a second multimedia terminal configured to communicate using H.323;
  
  a first communication unit, associated with the first multimedia terminal, configured to establish a multimedia call over a shared IP network between said first multimedia terminal and the second multimedia terminal using H.323, said communication unit including a first firewall through which the multimedia call passes, whereinthe first firewall is configured to restrict certain types of communication between the first terminal and the shared IP network,each of the first multimedia terminal and the second multimedia terminal has a number of logical communication ports for transmitting or receiving the multimedia call, including at least one dynamically assigned port; and
  
  a transmitter, associated with the first multimedia terminal is configured to send a request to the second multimedia terminal to open up one or more dynamic ports in the second multimedia terminal;
  
  a proxy server disposed between the first multimedia terminal and the second multimedia terminal that is configured to act as a proxy for the first multimedia terminal and the second multimedia terminal during the multimedia call, whereinthe proxy server has logical communication ports for communication with the first multimedia terminal, including one or more pre-assigned ports for communication with the first multimedia terminal;
  
  the first firewall is configured not to restrict communication between the first multimedia terminal and the one or more pre-assigned ports of the proxy server for communication with the first multimedia terminal, andthe proxy server is configured to receive the request to open up said one or more dynamic ports in the second multimedia terminal via one of the proxy server'"'"'s pre-assigned ports and to modify the request to change a source of the request from a network address of the first multimedia terminal and the at least one dynamically assigned port of the first multimedia terminal to a network address of the proxy server and a pre-assigned port of the proxy server for communication with the second multimedia terminal.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The communication system as claimed in claim 1, further comprising:
    - a second communication unit, associated with the second multimedia terminal, which includes a second firewall through which the multimedia call passes through;
      
      the second firewall is configured to restrict some communication between the second multimedia terminal and the shared communications network;
      
      the proxy server has logical communication ports for communication with the second multimedia terminal, including one or more pre-assigned ports for communication with the second multimedia terminal; and
      
      the second firewall is configured not to restrict communication between the second multimedia terminal and the one or more ports of the proxy server for communication with the second multimedia terminal.
  - 3. The communication system of claim 1, wherein a number of pre-assigned ports of the proxy server is less than or equal to a total number of dynamically assigned ports for the first multimedia terminal.
  - 4. The communication system of claim 3, wherein the proxy server has at least one pre-assigned port number.
  - 5. The communication system of claim 4, wherein the proxy server has two pre-assigned port numbers.
  - 6. The communication system of claim 1, wherein the first multimedia terminal is configured to transmit or receive multimedia media signals together with associated multimedia control signals, the control signals being sent to one of the pre-assigned ports of the proxy server and the media signals being sent to another of the pre-assigned ports of the proxy server.
  - 7. The communication system of claim 1, wherein at least one of the logical communications ports is a pre-assigned port, and the transmitter associated with the first multimedia terminal is configured to send said request to the pre-assigned port as an initial request to initiate the multimedia call.
  - 8. The communication system of claim 1, wherein the first communication unit is configured to establish the multimedia call at least in part via the internet, and the proxy server has one or multiple public internet protocol addresses by which the first multimedia terminal communicates with the proxy server, the first firewall being configured not to restrict communication between the first multimedia terminal and the one multiple public internet protocol addresses and the one or more pre-assigned port numbers of the proxy server.
  - 9. The communication system of claim 1, wherein there is a plurality of pairs of first multimedia terminals and second multimedia terminals.
  - 10. The communication system of claim 1, wherein the first communication unit is configured to establish the multimedia call according to H.323 standard of International Telecommunications Union.
  - 11. The communications system of claim 1, wherein the first communication unit is configured to establish the multimedia call according to a SIP standard of Internet Engineering Task Force.
  - 12. The communications system of claim 1, wherein the first communication unit is configured to establish the multimedia call according to MGCP standard of Internet Engineering Task Force.
  - 13. The communications system of claim 1, wherein the first communication unit is configured to establish the multimedia call according to H.248 standard of ITU.
  - 14. The communications system of claim 1, further comprising another proxy server serving a remote community of terminals and endpoints.
  - 15. The communications system of claim 1, the proxy server is a third-party device deployed to enable communication services between enterprises.
  - 16. The communications system of claim 1, wherein the proxy server is configured to be controlled by an enterprise of the first multimedia terminal to enable external communication service with other enterprises, service providers or its remote branches.
  - 17. The communications system of claim 1, wherein the proxy server is configured to implement a gatekeeper function.
  - 18. The communications system of claim 1, wherein a gatekeeper function is a separate system from the proxy server.
  - 19. The communication system of claim 1, wherein the request includes a payload that identifies the first multimedia terminal as a source of the request and the proxy server as a destination, and the proxy server is configure to modify the payload to change the source to the network address of the proxy server and the destination to a network address of the second multimedia terminal.
  - 20. The communications system of claim 1, wherein the proxy server is configured to send a connect message to the first multimedia terminal in response to the proxy server receiving a connect message from the second multimedia terminal.

21. A method of making a multimedia call using a communications system that includes a first multimedia terminal configured to use H.323 and a second multimedia terminal configured to use H.323, the method comprising:
- establishing a multimedia call over a shared IP network between said first multimedia terminal and the second multimedia terminal with a communication unit associated with the first multimedia terminal using H.323, said communication unit including a first firewall through which the multimedia call passes, wherein the first firewall is configured to restrict certain types of communication between the first terminal and the shared IP network, and each of the first multimedia terminal and the second multimedia terminal has a number of logical communication ports for transmitting or receiving the multimedia call, including at least one dynamically assigned port;
  
  transmitting, with a transmitter associated with the first multimedia terminal, request to the second multimedia terminal to open up one or more dynamic ports in the second multimedia terminal;
  
  using a proxy server disposed between the first multimedia terminal and the second multimedia terminal as a proxy for the first multimedia terminal and the second multimedia terminal during the multimedia call, the proxy server having logical communication ports for communication with the first multimedia terminal, including one or more pre-assigned ports for communication with the first multimedia terminal;
  
  the first firewall allowing communication between the first multimedia terminal and the one or more pre-assigned ports of the proxy server for communication with the first multimedia terminal;
  
  receiving, at the proxy server, the request to open up said one or more dynamic ports in the second multimedia terminal via one of the proxy server'"'"'s pre-assigned ports; and
  
  modifying the request to change a source of the request from a network address of the first multimedia terminal and the at least one dynamically assigned port of the first multimedia terminal to a network address of the proxy server and a pre-assigned port of the proxy server for communication with the second multimedia terminal, wherein the modifying is performed by the proxy server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Read, Stephen Michael
Primary Examiner(s)
Popham, Jeffrey D

Application Number

US10/332,785
Publication Number

US 20040037268A1
Time in Patent Office

4,389 Days
Field of Search

726/11
US Class Current

726/11
CPC Class Codes

H04L 61/00   Network arrangements, proto...

H04L 61/2514   between local and global IP...

H04L 61/2517   using port numbers

H04L 61/2535   Multiple local networks, e....

H04L 61/2564   for a higher-layer protocol...

H04L 61/2567   for reachability, e.g. inqu...

H04L 63/0281   Proxies

H04L 63/029   Firewall traversal, e.g. tu...

H04L 65/103   in the network

H04L 65/104   in the network

H04L 65/1043   Gateway controllers, e.g. m...

H04L 65/1069   Session establishment or de...

H04L 65/1101   Session protocols

H04L 65/1104   Session initiation protocol...

H04L 65/1106   Call signalling protocols; ...

H04L 9/40   Network security protocols

H04M 7/0078   Security; Fraud detection; ...

Audio-video telephony with firewalls and network address translation

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

72 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Audio-video telephony with firewalls and network address translation

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

72 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links