Hi Jamie, Unfortunately, it's not always black or white. I've encountered four kinds of NATs: 1. Those that proxy H.323 correctly. Typical of most professional firewalls. In this case, you should never see any private addresses in any communications, and it should work exactly like when the gateway is directly on the public IP. Of course, the GK has no problem with these. 2. Those that don't know anything about H.323. Typical of most consumer routers, e.g. Linksys, D-link, Netgear. If you set the GK for SupportNATedEndpoints, and forward the proper ports or make the gateway the DMZ device, it generally works fine. 3. Those that do a bad job with H.323. I've seen some SMC and Linksys units in this category. They were designed to work with NetMeeting, but won't work properly with most hardware gateways. You can make these work with gnugk disabling the H.323 application gateway (sometimes this is in an unexpected menu such as intrusion detection!), or sometimes by forwarding the proper ports or using DMZ. You may also need to set ProxyForNAT. 4. Those that butcher H.323 signaling. You may be able to fix this with new firmware for the NAT, or work around it by using a port other than 1720 for your gateway. Otherwise, get a better router. --Stewart ----- Original Message ----- From: "James Lertora" <jlertora@xxxxxxxxxx> To: <openh323gk-users@xxxxxxxxxxxxxxxxxxxxx> Sent: Tuesday, July 06, 2004 11:32 AM Subject: RE: Question about NATed endpoints > Ok, so let me get this straight. > > If the firewall is truly H.323 aware then I shouldn't see the private IP > addr > of the VoIP gateway when registered to the GK. True / False > > If the firewall is truly H.323 aware then when an inbound setup message is > seen it should open the appropriate (TCP/UDP) sessions for the NATed VoIP > gateway that is registered with the GK. True/False > > Thanks again this is very helpful. > > -Jamie > > > James Lertora > Technical Support > Patton Electronics > mailto:support@xxxxxxxxxx ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________________ List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/
