Hi Jan, thanks for the quick reply; I saw the traversal scheme on the website, however I was wondering if sample config files for this setup are also available. As for the two firewalls - only one of them does NAT (the one closer to the planned GnuGK), the other one is packet filtering only. My assumptions here were: - connections will only be made FROM GnuGK (acting as H460 traversal client) TO VCS Expressway - connections will be limited to specific, discrete ports, and only few of them, which are well-known (list is actually included in my diagram) - no NAT If those assumptions are correct, my understanding would be that the second firewall would basically be invisible to both the GnuGK and VCS Expressway (as the specific connections would be allowed, no others would even be tried, and no NAT is happening), so I figured it would not be a factor. I hope I haven't missed out on anything? Florian. On 04.01.2013, at 13:30, Jan Willamowius <jan@xxxxxxxxxxxxxx> wrote: > Hi Florian, > > with GnuGk you should be able to tunnel out older endpoints not > supporting firewall traversal or RTP multiplexing in configurations > where an endpoint capable of traversal would be able to connect. > > In your diagram there are 2 firewalls between GnuGk and the VCS and > that might be an issue. Usually you need one gatekeeper per firewall to > traverse. > > Such a traversal zone setup is sketched on the website: > http://www.gnugk.org/gnugk-traversal.html > > Regards, > Jan > > -- > Jan Willamowius, Founder of the GNU Gatekeeper Project > EMail : jan@xxxxxxxxxxxxxx > Website: http://www.gnugk.org > Support: http://www.willamowius.com/gnugk-support.html > > > Florian von Kurnatowski wrote: >> Jan, All, >> >> first of all - Happy New Year to Everyone! >> >> I have a configuration task at hand and I was just wondering whether anyone had done this before and would have a sample config to start with. The issue is to connect two sites via a VPN. One site has a Tandberg Cisco VCS Expressway unit available to manage inbound traffic. That site's firewall is very restrictive, only allows inbound traffic and does not support port range setups by policy, so all inbound traffic would require to use RTP Multiplexing as well as H.460 firewall traversal with keep alive connections. The primary purpose of that VCS is to support directly-registered endpoints, and it works fine using both Tandberg C-Series equipment (using proprietary Assent protocols) as well as Polycom HDX using H.460.18/19. >> >> Now, the new site to be connected has >> - multiple systems >> - old systems not supporting RTP multiplexing (e.g. Polycom VSX) >> - does some further routing elsewhere >> >> So I thought of using GnuGK for the purpose, understanding that it could act as a local gatekeeper at the new site and managing both the traversal and the multiplexing towards the VCS. >> >> Not tried yet, but would anyone have an idea >> a) whether this configuration is possible >> b) whether there are any specific issues or limitations with it >> c) have a working config sample? :-) >> >> Very grateful for any advice. I have attached a diagram showing the various components and networks. >> >> Thanks in advance, >> Florian. > > > ------------------------------------------------------------------------------ > Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and > much more. Get web development skills now with LearnDevNow - > 350+ hours of step-by-step video tutorials by Microsoft MVPs and experts. > SALE $99.99 this month only -- learn more at: > http://p.sf.net/sfu/learnmore_122812 > _______________________________________________________ > > Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx > Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users > Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users > Homepage: http://www.gnugk.org/ ------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnmore_123012 _______________________________________________________ Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users Homepage: http://www.gnugk.org/
