Re: Gatekeeper in non-DMZ environment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Zygmuntowicz,
I thank you for the answer. You said:
"2. For multiple endpoints behind NAT and port forwarding,
    you have to configure different tcp port for them too.
    Most gateways have this option."
Do you mean different Signalling ports or rtp ports  or both?  May question was about signalling ports, do I need  to assign different signalling port to each endpoint behind the same nat?
Thanx

Zygmuntowicz Michal <m.zygmuntowicz@xxxxxxx> wrote:
1. The best assumption is the one written in the manual;)
The default value for ProxyForNAT is 1.
2. For multiple endpoints behind NAT and port forwarding,
you have to configure different tcp port for them too.
Most gateways have this option.
3. For routed mode only (you also probably need to route H.245
to get NAT functioning properly in case of tunneling disabled),
you need to open only a signaling port (1721 by default) and
H245 port range.

----- Original Message -----
From: "Nour Omar"
Sent: Monday, October 11, 2004 4:42 AM


>I don't have the whole proxy section in my config file. so I'm assuming
>the default is ProxyForNAT=0.
> I was looking at config file and find there are Q931PortRange and
> H245PortRange config parametes... wondering if these also needs to be
> opened or is it that the gatekeeper who always initiate requests through
> these ports and only reply will come from other side in which case no
> need for opening a "Pin Hole" through the firwall?
>
> In a related question, in case I want to have multiple h323
> endpoints(softphones) in the same NAT, is there going to be confussion in
> signalling? I can solve the rtp problem by assigning different rtp port
> ranges for each endpoint and have the NAT router direct media traffic
> depending on that port. But in signalling they all use the same signalling
> ports. So I was wondering how would each endpoint get the signalling
> correctly.
>
> Zygmuntowicz Michal wrote:
> Do you have ProxyForNAT=0? Otherwise even with [Proxy] Enable=0
> NATed calls are proxied.
>
> ----- Original Message -----
> From: "Nour Omar"
> Sent: Sunday, October 10, 2004 3:41 AM
>
>> Right now, my gatekeeper in DMZ with public ip( all ports are open) I
>> would like to put it in non-DMZ opening only ports that is required by
>> gatekeeper in routed mode(GKRouted=1, H245Routed=0) It is NOT in proxy
>> mode; just routed mode.. I would like to know all the TCP and UDP ports
>> that I need to open in the firewall. I know tcp signaling ports which
>> are usually 1718 -1721 but when I opened these ports, using PC-To-Phone
>> softphone, the other end could not hear me, but I could hear him. Then I
>> have to make my gatekeeper in DMZ again to get things working. What other
>> ports do i need to open? can some one help me in that? Thank you very
>> much.



-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl

_______________________________________________________

List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549
Homepage: http://www.gnugk.org/
[Index of Archives]     [SIP]     [Open H.323]     [Gnu Gatekeeper]     [Asterisk PBX]     [ISDN Cause Codes]     [Yosemite News]

  Powered by Linux