I have a SOHO with a PIX 501. I have a cable modem that plugs into the outside interface of the PIX.I would like to allow Microsoft Netmeetings. What is the proper congig? I'm running ver 6.3.1.
Do you mean netmeeting from outside to inside?
Based on this link
these are the ports you need to open and also need static translation for.
e.g. if you want to connect to a PC from outside to inside
static (inside,outside) tcp interface 389 192.168.1.1 389
You need smiliar static for all the ports that netmeeting will be using.
YOu need access-list to allow the traffic
access-list 100 permit tcp any host
Thanks Nadeem for replying.
I only need to allow people to connect to my SOHO PC.
The user I'm testing with is coming from behind a PIX 515 running ver 5.3.(4). I don't receive any video. I added the following line to my config:
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
static (inside,outside) x.x.x.x y.y.y.y
access-list acl-out permit tcp any host x.x.x.x eq 522
access-list acl-out permit tcp any host x.x.x.x eq ldap
access-list acl-out permit tcp any host x.x.x.x eq 1503
access-list acl-out permit tcp any host x.x.x.x eq h323
access-list acl-out permit tcp any host x.x.x.x eq 1731
Does the user behind the 515 need to add any lines to his PIX 515?
it is not necessary to add these commands on the other pix, provided fixup are intelligently picking up dynamic ports. but to start with you may try adding the similiar commands in both the pix