There is no standard way to make normal H.323 endpoints to work behind NAT - at least the ones available on market. Without using port forwarding/proprietary extensions/STUN servers. I don't belive you were able to use OpenPhone or any other regular H.323 device (not the one from your proprietary vendor) and receive inbound calls behind NAT without port forwarding. It's simply TECHNICALLY IMPOSSIBLE. Otherwise, there would not exist so called "NAT problem".
----- Original Message ----- From: "Abano, Fernando" <fabano@xxxxxxxxxxxxxx>
Sent: Tuesday, November 09, 2004 6:22 PM
Openphone will not work, just because authentication was changed to also check for the MAC address.
Reason I brought this up is I was wondering if this feature would make GnuGK
more robust
-----Original Message----- From: openh323gk-users-admin@xxxxxxxxxxxxxxxxxxxxx [mailto:openh323gk-users-admin@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Zygmuntowicz Michal Sent: Wednesday, November 10, 2004 1:14 AM To: openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Subject: Re: GK for Behind-of-Linksys Router Endpoints
I think you did not undestand me. Can you use ANY H.323 endpoint, like ohphone, openphone, Cisco ATA, and it will work behind NAT? They can provide H.323-compiliant endpoints with some propriertary extensions - but the extensions are not H.323 compiliant and are not standard.
How does this relate to GnuGk?
----- Original Message ----- From: "Abano, Fernando" <fabano@xxxxxxxxxxxxxx>
Sent: Tuesday, November 09, 2004 6:00 PM
The endpoints are not proprietary. They are H.323-compliant endpoints.
Yes, I think it might have some extensions to allow for NAT traversal as it can even do double NAT traversal (the Linksys router can be deployed either as an internet gateway, or it can be part of an internal network that is connected to another internet gateway.
-----Original Message----- From: openh323gk-users-admin@xxxxxxxxxxxxxxxxxxxxx [mailto:openh323gk-users-admin@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Zygmuntowicz Michal Sent: Wednesday, November 10, 2004 12:50 AM To: openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Subject: Re: GK for Behind-of-Linksys Router Endpoints
As you write: "proprietary" which means not truly H.323 compiliant. It surely has some extensions to allow NAT traversal. NAT traversal is trivial, if you don't follow standards.
Can you use any H.323 endpoint with this gatekeeper and it works behind NAT? Or can you use those proprietary endpoints behind NAT with any H.323 gatekeeper? The answer is no...
----- Original Message ----- From: "Abano, Fernando" <fabano@xxxxxxxxxxxxxx>
Sent: Tuesday, November 09, 2004 5:29 PM
What I have seen was this "proprietary" GK and all that was needed by the
endpoints was broadband connection. The EPs can be public or private. And
it
allows multiple EPs behind a single Linksys router.
-----Original Message-----
From: openh323gk-users-admin@xxxxxxxxxxxxxxxxxxxxx
[mailto:openh323gk-users-admin@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of
Zygmuntowicz Michal
Sent: Wednesday, November 10, 2004 12:23 AM
To: openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: GK for Behind-of-Linksys Router Endpoints
One side note: You don't have to forward any ports if you have a child GnuGk gatekeeper behind NAT and its parent is also GnuGk. The child must be running in a proxy mode, the parent should have at least ProxyForNAT=1 set.
----- Original Message ----- From: "Stewart Nelson" <sn@xxxxxxxxxxx>
Sent: Tuesday, November 09, 2004 5:08 PM
Hi Fernando,
I have noticed that if I have an endpoint connected to a Linksys router, or some other dumb router, I need to DMZ the EP.
Not quite true, you just need to forward the required ports.
What happens then if I have multiple endpoints behind a single dumb router?
If the endpoints can use different signaling and media ports, no problem. For example, the ATA-186 looks like two independent endpoints and works fine. However, this is an administrative hassle if you have many endpoints on different private addresses.
Not sure how other developers did it, but I saw a product that allows
multiple endpoints behind the dumb router, without any "special" config
changes on the router, register to an outside GK, receive inbound calls
from
the PSTN, and make outbound calls to the PSTN.
Is this possible with GNUGK?
You can run gnugk behind the NAT and have many local endpoints register to it. However, you still need the NAT to forward required ports to gnugk.
I can't see how the product you describe could work with a "generic"
outside GK; I'd appreciate a link to the documentation. Also, I suspect
that the outside GK would have to proxy everything, which is a
performance problem in many cases.
While it is often useful to put an endpoint behind a NAT over which you have no control, e.g. in a hotel, it is hard for me to imagine a situation where you install multiple endpoints, yet are not granted the right to have some ports forwarded. Could you please give some more details about your application?
If you are just trying to provide PSTN access to multiple users at a site, similar to Vonage, Packet8, Broadvoice, etc., IMHO you should use SIP, just like those providers do.
--Stewart
------------------------------------------------------- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click
_______________________________________________________
List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/
