Stewart, Thanks, very informative. I'm curious, if only making outbound calls, is the situation the same? E.g. is it necessary to put the gateway in the DMZ/open ports? Thanks, Per > Hi Jamie, > > Unfortunately, it's not always black or white. > I've encountered four kinds of NATs: > > 1. Those that proxy H.323 correctly. Typical of most > professional firewalls. In this case, you should > never see any private addresses in any communications, > and it should work exactly like when the gateway is > directly on the public IP. Of course, the GK has > no problem with these. > > 2. Those that don't know anything about H.323. Typical > of most consumer routers, e.g. Linksys, D-link, Netgear. > If you set the GK for SupportNATedEndpoints, and forward > the proper ports or make the gateway the DMZ device, > it generally works fine. > > 3. Those that do a bad job with H.323. I've seen some > SMC and Linksys units in this category. They were designed > to work with NetMeeting, but won't work properly with > most hardware gateways. You can make these work with gnugk > disabling the H.323 application gateway (sometimes this is > in an unexpected menu such as intrusion detection!), or > sometimes by forwarding the proper ports or using DMZ. > You may also need to set ProxyForNAT. > > 4. Those that butcher H.323 signaling. You may be able to > fix this with new firmware for the NAT, or work around it > by using a port other than 1720 for your gateway. Otherwise, > get a better router. > > --Stewart > > ----- Original Message ----- > From: "James Lertora" <jlertora@xxxxxxxxxx> > To: <openh323gk-users@xxxxxxxxxxxxxxxxxxxxx> > Sent: Tuesday, July 06, 2004 11:32 AM > Subject: RE: Question about NATed endpoints > > > > Ok, so let me get this straight. > > > > If the firewall is truly H.323 aware then I shouldn't see the private IP > > addr > > of the VoIP gateway when registered to the GK. True / False > > > > If the firewall is truly H.323 aware then when an inbound setup > message is > > seen it should open the appropriate (TCP/UDP) sessions for the > NATed VoIP > > gateway that is registered with the GK. True/False > > > > Thanks again this is very helpful. > > > > -Jamie > > > > > > James Lertora > > Technical Support > > Patton Electronics > > mailto:support@xxxxxxxxxx > > > > ------------------------------------------------------- > This SF.Net email sponsored by Black Hat Briefings & Training. > Attend Black Hat Briefings & Training, Las Vegas July 24-29 - > digital self defense, top technical experts, no vendor pitches, > unmatched networking opportunities. Visit www.blackhat.com > > _______________________________________________________ > > List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx > Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 > Homepage: http://www.gnugk.org/ > ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________________ List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/
