> Even so, I doubt that it would work... As the GK is on a DMZ, > there is a > double NAT (client->GK and GK-> Internet). Remember that H323 > is not NAT > friendly. Indeed it hates NAT. Sure. I had the same in mind as you write above: one lag in the WAN, the other in the LAN. Related to security: in a case like this a software firewall on application layer would be a good solution. - Frank > Why didn't You put Your GK connected directly to the internal > and to the > Internet? So, if You configure GK to work also as a Proxy, > for sure, it will > work. And about security concerns, let only INPUT traffic > allowed and close > all other ports. Restrict also the ranges and services > provided by the GK to > external users, so that You minimize any security thread. > > Edson. > > > -----Original Message----- > > From: openh323gk-users-bounces@xxxxxxxxxxxxxxxxxxxxx > [mailto:openh323gk- > > users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Frank Fischer > > Sent: quarta-feira, 14 de junho de 2006 08:58 > > To: openh323gk-users@xxxxxxxxxxxxxxxxxxxxx > > Subject: Re: Proxying question from a > frustrated newbie > > > > Why not using the gatekeeper as proxy? > > > > - Frank > > > > > -----Original Message----- > > > From: openh323gk-users-bounces@xxxxxxxxxxxxxxxxxxxxx > > > [mailto:openh323gk-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On > > > Behalf Of Ruairi Hickey > > > Sent: Wednesday, June 14, 2006 1:55 PM > > > To: openh323gk-users@xxxxxxxxxxxxxxxxxxxxx; Walters, Anthony > > > Subject: Proxying question from a > frustrated newbie > > > > > > Hi, > > > > > > I am trying to setup a gateway / proxy for a mixture of > > > clients on an > > > internal network (polycom, netmeeting, ekiga) which are > on a private > > > (172.16,x,x) network. The proxy is outside our internal > > > firewall in a dmz > > > off of our external firewall (ie not directly connected to > > > 172.16.x.x but > > > with a valid Internet ip address). > > > I have the system setup so the internal clients register > > > with the gatekeeper > > > and can call each other. > > > > > > I want to have it so the internal clients can call any > > > endpoint on the > > > Internet and have the gateway proxy *all* traffic. Is this > > > possible / > > > practical ? > > > > > > I would envisage adding an internal proxy which is a child > > > of the external > > > proxy at some time in the future... > > > > > > I've been digging at this for about 4 weeks on and off and > > > would appreciate > > > any help / sample configs etc.... > > > > > > Thanks > > > Ruairi > > > > > > > > > _______________________________________________________ > > > > > > Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx > > > Archive: > http://sourceforge.net/mailarchive/forum.php?forum_id=8549 > > > Unsubscribe: > > > http://lists.sourceforge.net/lists/listinfo/openh323gk-users > > > Homepage: http://www.gnugk.org/ > > > > > > > > > > > > > _______________________________________________________ > > > > Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx > > Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 > > Unsubscribe: > http://lists.sourceforge.net/lists/listinfo/openh323gk-users > > Homepage: http://www.gnugk.org/ > > > > _______________________________________________________ > > Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx > Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 > Unsubscribe: > http://lists.sourceforge.net/lists/listinfo/openh323gk-users > Homepage: http://www.gnugk.org/ > _______________________________________________________ Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users Homepage: http://www.gnugk.org/
