A quick question - for GNUGK to work in NAT Proxy mode must it (the GNUGK machine) have a Public IP address or can GNUGK run on a machine that is in the DMZ behind a NAT router? Do the packets in the H323 protocol set include the local IP address of the EP - in which case, is it right that simple NAT is not sufficient for H323 to work. And can it (GNUGK) communicate to a remote endpoint behind another NAT or is another GNUGK needed to support that EP? My config has GNUGK on a machine that is in the DMZ behind a NAT router and there are several EP's on the LAN there. There is remote EP behind another NAT. All EP's seem to be able to register and GNUGK "see's" the call setup requests from them but the call's to/from the remote EP never arrives at the destination EP. I have tested this with all IP ports forwarded to the remote EP. Calls within the LAN with the GNUGK work fine. Thanks in advance Ken -----Original Message----- From: openh323gk-users-admin@xxxxxxxxxxxxxxxxxxxxx [mailto:openh323gk-users-admin@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Stewart Nelson Sent: 15 September 2004 02:51 To: openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Subject: Re: gnugk behind NAT questions Hi Ganbold, > One more question, How situation will change if there are multiple > endpoints for each NAT? > I mean how does it reflect to NAT port redirect rules? Did you make similar > setup before? > How NAT will distinguish each call and port redirection will work just as > supposed to? Since you are doing software NAT, it is probably easiest to run a GK on each NAT machine. Then you don't need any redirects and can have as many endpoints as you like. However, if you only have two or three EPs behind a NAT, you can set them up so that they use unique call signal addresses and RTP port ranges. For example: Device at 192.168.0.18 listens for Setup on TCP port 1720, uses UDP ports 10000-10001 for RTP. Device at 192.168.0.19 listens for Setup on TCP port 1721, uses UDP ports 10002-10003 for RTP. rdr on $ext_if proto tcp from any to $external_addr/32 port 1720 -> 192.168.0.18 port 1720 rdr on $ext_if proto tcp from any to $external_addr/32 port 1721 -> 192.168.0.19 port 1721 rdr on $ext_if proto udp from any to $external_addr/32 port 10000 -> 192.168.0.18 port 10000 rdr on $ext_if proto udp from any to $external_addr/32 port 10001 -> 192.168.0.18 port 10001 rdr on $ext_if proto udp from any to $external_addr/32 port 10002 -> 192.168.0.19 port 10002 rdr on $ext_if proto udp from any to $external_addr/32 port 10003 -> 192.168.0.19 port 10003 If your device won't let you change from port 1720, you can try to forward external 1720 -> .18 port 1720 and external 1721 -> .19 port 1720. However, that does not work in some configurations. Sorry, I don't know the details. --Stewart ------------------------------------------------------- This SF.Net email is sponsored by: thawte's Crypto Challenge Vl Crack the code and win a Sony DCRHC40 MiniDV Digital Handycam Camcorder. More prizes in the weekly Lunch Hour Challenge. Sign up NOW http://ad.doubleclick.net/clk;10740251;10262165;m _______________________________________________________ List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/ ------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________________ List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_id?49 Homepage: http://www.gnugk.org/
