Hi,
Has anyone successfully configured H.323 through NG FP3 for Video
Conferencing. I have a Cisco Gatekeeper/IPIPGW which is sited on the
internal network. Endpoints register with this device using its private
address.
This object is defined as a host and has a static NAT translation to a
real-world IP address. Can CP inspect the H.323 call setup messages and
change any IP addresses in the H.323 payload (e.g. H.225 call setup
messages)? To allow this Gatekeeper to talk to other Gatekeepers, UDP/1719
and TCP/1720 need to be permitted in both directions.
Therefore, would something like the following be sufficient:
src=gk-ipipgw dst=any service=H323;H323_ras
src=any dst=gk-ipipgw service=H323;H323_ras
Will the firewall open the ports associated with the media streams
dynamically?
Cheers,
Matt
--
Matthew Melbourne
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
