Nat - VPN -

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Our Version:
Gatekeeper(GNU) Version(2.0.6) Ext(pthreads=1) Build(Sep 24 2003, 12:35:03) Sys(Linux i686 2.4.20-28.9)
Can i upload only the new executable 2.0.7 ?
---------------------
PROBLEM:
---------------------
Hi i put my H323 proxy in a dmz it connected via internet from eth1 (no nat) and to lan via eth0
in this situation i can place call on both directions (internet to lan and vice versa)
-------------
i can place call from all pc in my lan (eth0)
-------------
but when some branc site try to connect trought vpn, firewalls perform NAT, and the people from the branch site proper authenticate to the gatekeeper but can't call (the other party did not accept your call)...
Plese help me !



this is the sample error from branc (vpn remote site via eth0)
EP|192.168.213.91:1720|m.pippo0@xxxxxxxx:h323_ID=13003501:dialedDigits|termi nal|1303_med1
RCF|192.168.213.91:1720|m.pippo0@xxxxxxxx:h323_ID=13003501:dialedDigits|term inal|1303_med1;
ACF|192.168.213.91:1720|1303_med1|13784|130003306:dialedDigits|m.pippo0@pipp o.de:h323_ID=13003501:dialedDigits=m.pippo0@xxxxxxxx:h323_ID=13003501:dialed Digits|false;
--------------------------------
this is an internal correct call
ACF|157.28.112.67:1720|1223_med1|29002|pappa@xxxxxxxx:h323_ID=130002676:dial edDigits=pappa@xxxxxxxx:h323_ID=130002676:dialedDigits||true;
-------------------------------


Our GKini

## H323 proxy

[Gatekeeper::Main]
Fourtytwo=42
Name=uxprxH323a
TimeToLive=800
#NetworkInterfaces=
EndpointIDSuffix=_xex1
StatusPort=7000


[RoutedMode]
GKRouted=1
H245Routed=1
callSignalPort=1720
ListenQueueLength=1024
CallSignalHandlerNumber=1
RemoveH245AddressOnTunneling=0
DropCallsByReleaseComplete=1
SupportNATedEndpoints=1
Q931PortRange=49000-49040
H245PortRange=49041-49089


[Proxy]
Enable=1
#T120PortRange=59000-59099
RTPPortRange=49090-49099
internalNetwork=172.16.20.0/24
ProxyForNat=1
ProxyForSameNAT=1


[GkStatus::Auth]
rule=regex | explicit
regex=^(172\.16\.20\.[0-9]+)|(192\.168\.109\.100)$
DelayReject=5
Shutdown=forbid



[Gatekeeper::Auth]
RadAliasAuth=required;RRQ,ARQ
default=allow


[RadAliasAuth]
Servers=192.168.xx.xx:1812,172.16.xx.xx:1812
DefaultAuthPort=18xx
SharedSecret=mypassword
RequestTimeout=4000
IdCacheTimeout=9000
SocketDeleteTimeout=60000
RequestRetransmissions=2
RoundRobinServers=0
AppendCiscoAttributes=0
IncludeTerminalAliases=0
IncludeEndpointIP=1


-------------------------------
Thank's to all.
Simone


-------------------------------------------------------
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click


_______________________________________________________

List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549
Homepage: http://www.gnugk.org/

[Index of Archives]     [SIP]     [Open H.323]     [Gnu Gatekeeper]     [Asterisk PBX]     [ISDN Cause Codes]     [Yosemite News]

  Powered by Linux