Marek Podgorny wrote: > Note to make proxy work, the gatekeeper must have *direct connection* to > both networks of the caller and callee. > > What precisely is "direct connection"? It means that if you want to use GnuGk as proxy on your firewall, there shouldn't be an additional firewall between it and the endpoints on either side. > SupportCallingNATedEndpoints=0 > Default: 1 > > Whether to allow an endpoint behind an NAT box that support GnuGk NAT > Traversal technique to receive calls. Use this to block errant gateways > that do not support GnuGk Nat Traversal technique properly from causing one > way audio problems when trying to call to the gateway. > > I always assumed that "Tanderbesque" firewall/NAT traversal is local to > traversal server and traversal client, i.e. it is transparent to external > EPs and gateways. How can a gateway "not support" NAT traversal technique? This switch is explicitely talking about "GnuGk NAT Traversal", which predates H.460.18/.19 and uses different mechanisms. > SupportNATedEndpoints=1 > Default: 0 > > Whether to allow an endpoint behind a NAT box register to the gatekeeper. > If yes, the gatekeeper will translate the IP address in Q.931 and H.245 > channel into the IP of NAT box > > Hmm... Isn't it translating non-routable addresses the ONLY sensible > solution? This is essentially an H323 ALG on gatekeeper side. Could I get > an example of a network topology in which NOT doing this translation helps > connecting the call? This switch comes from a time when most endpoints didn't support a any real traversal protocol. With the default setting you will notice right away that your endpoint is NATed and and problems will arise if you don't make provisions to get the call through. > Cisco VCS Control uses the "non-translation" technique to block NATed EPs > from using Control, thereby forcing users to buy VCS Expressway. Why would > GNUGK use such call routing method as a default? I try very hard not to change the defaults, so you can do version upgrades without having to worry if your old config will work. In a sensible network config most users won't see any problem with the default, all others will have to think about it for a moment. Regards, Jan -- Jan Willamowius, Founder of the GNU Gatekeeper Project EMail : jan@xxxxxxxxxxxxxx Website: http://www.gnugk.org Support: http://www.willamowius.com/gnugk-support.html Relaxed Communications GmbH Frahmredder 91 22393 Hamburg Geschäftsführer: Jan Willamowius HRB 125261 (Amtsgericht Hamburg) USt-IdNr: DE286003584 ------------------------------------------------------------------------------ November Webinars for C, C++, Fortran Developers Accelerate application performance with scalable programming models. Explore techniques for threading, error checking, porting, and tuning. Get the most from the latest Intel processors and coprocessors. See abstracts and register http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk _______________________________________________________ Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users Homepage: http://www.gnugk.org/
