Re: gnugk in nproxy mode and direct connections

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,
First thanks for your response.
My graph wasn't clear when i post it to the list.
New attempt !!
Hope it will be ok.

                Internet
                    |
         ExternalFirewall
        (public ip address)
              193.x.x.x
                    |
                    |-------- GNUGK
                    |            (public ip address)
                    |            193.x.x.x
                    |
           InternalFirewall
               /      |          \
             /        |            \
           /          |              \
   10.5.x.x    10.3.x.x    10.17.x.x


I want precise that i'm a newbie in gnugk.

Only the ExternalFirewall make some nat for some defined clients.

The GK has a public ip adrress and is directly accessible from the internet.

I want my EP can register to the GnuGk and allow external EP to register 
to my GK in order to make a h323 communication.
I want all the traffic (Signaling+RTP/RTCP) pass throw the gnugk.

I think in proxy mode i can register internal EP with private address 
whithout making nat because communication is always between the EP and 
the GK and not directly beetween EP. Is it right ?

When i make a test, i.e register an internal EP and an external EP to 
the GK all seems to be ok (register/signaling).
But when the data connections starts (audio and video) the Gk receive 
data from external EP and internal EP but is never forward data beetween 
the 2 EP.

That's why i was thinking about the problem of "direct connection" in  
proxy mode but i don't understand very well what was "direct connection"...

I think i don't need nat fonctionality in our configuration but perhaps 
i make an error. Please correct me if i'm wrong.

Thanks for you help.

Fred


Simon Horne a écrit :
> Frederic
>
> You can port forward with GnuGk 2.2.7. You put the internal firewall in the
> DMZ of the outside firewall and port forward on the internal firewall to the
> GnuGk box. There is a an example etc\nat.ini in the distribution which tells
> you which ports to forward from your internal firewall to the GnuGk box. As
> long as you know the external IP of the external firewall it should work.
>
> Simon
>
>
>   
>> -----Original Message-----
>> From: openh323gk-users-bounces@xxxxxxxxxxxxxxxxxxxxx
>> [mailto:openh323gk-users-bounces@xxxxxxxxxxxxxxxxxxxxx]On Behalf Of
>> Frederic SOULIER
>> Sent: Monday, June 16, 2008 6:21 PM
>> To: openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
>> Subject:  gnugk in nproxy mode and direct connections
>>
>>
>> Hi,
>> I attempt to configure gnugk in proxy mode.
>> I have a problem with our environnement.
>>
>> Our network is like this :
>>
>>                                           |------ PrivateNetwork
>> (10.5.0.0/16)
>> Internet ---> ExternalFirewall -------> DMZ------->
>> InternalFirewall------  |------- PrivateNetwork (10.3.0.0/16)
>>
>> |                                                     | ............
>>                                                              |
>>                                           |-------PrivateNetwork
>> (10.2.0.0/16)
>>                                                       GNUGK
>>                                    PublicNetwork (193.x.x.x)
>>
>>
>> I want to set up gnugk in proxy mode to permit all my clients in any
>> network to use the GK in order to start visioconferences with  externals
>> end points.
>> Reading the documentation i saw gnugk MUST have a direct connection to
>> the networks in order to work correctly.
>> Indeed when i make some tests with One external EP on the "Internet" and
>> one EP in our network, the proxy mode seems to work when my client is on
>> on the "DMZ" but not when the client is behind the "InternalFirewall".
>> Note that my internalFirewall don't make nat, it just make routing and
>> filtering between the internal networks.
>>
>> I want to understand if the Gnugk must really have a network card on
>> each networks in order to work in proxy mode because i can't install
>> gnugk on the "InternalFirewall". Is there another solution exept to add
>> networks cards to my gnugk.
>>
>>
>> Thanks for your advice.
>>
>>
>> Regards
>>
>>
>>
>> --
>> Frederic Soulier
>>
>> Administrateur Reseau
>> Centre de Ressources Informatiques
>> Université Toulouse 1 Sciences Sociales
>> 2 RUE DU DOYEN GABRIEL MARTY
>> 31042 TOULOUSE CEDEX 9
>> Tel : +33 5 61 63 39 98 / +33 5 61 63 39 98
>> Fax : +33 5 61 63 37 98   Bureau : AR38 bis
>> http://cri.univ-tlse1.fr/
>>
>>
>>
>>
>> -------------------------------------------------------------------------
>> Check out the new SourceForge.net Marketplace.
>> It's the best place to buy or sell services for
>> just about anything Open Source.
>> http://sourceforge.net/services/buy/index.php
>> _______________________________________________________
>>
>> Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
>> Archive:
>> http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users
>> Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users
>> Homepage: http://www.gnugk.org/
>>     
>
>
>   


-- 



-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________________

Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users
Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users
Homepage: http://www.gnugk.org/
[Index of Archives]     [SIP]     [Open H.323]     [Gnu Gatekeeper]     [Asterisk PBX]     [ISDN Cause Codes]     [Yosemite News]

  Powered by Linux