netmeeting over nat

leeb
Level 1

I have a network with a PIX 515, version 6.2.

The PIX does NAT.

I can't get file transfer with the NetMeeting software.

Someone told me that it is because of the NAT.

Is it true?

- Do I have to buy a range of public IPs?

- Can the 6.3 version of PIX help?

1 Reply

wong34539
Level 6

The PIX should have no problems with NetMeeting.

Below is a sample config for setting up NetMeeting to be allowed through the PIX. If you are using access lists, then configure an access list in the same way for the external interface.

Sample config:

Note these are fictitious IPs ...

nameif ethernet0 outside security0

nameif ethernet1 inside security100

fixup protocol h323 1720

static (inside,outside) 204.71.200.75 10.1.1.75 netmask 255.255.255.255 0 0

conduit permit tcp 204.71.200.75 255.255.255.255 eq 389 any

conduit permit tcp 204.71.200.75 255.255.255.255 eq 522 any

conduit permit tcp 204.71.200.75 255.255.255.255 eq 1503 any

conduit permit tcp 204.71.200.75 255.255.255.255 eq 1731 any

conduit permit tcp 204.71.200.75 255.255.255.255 eq h323 any

You may have other security requirements. This will let any host start a NetMeeting session to external IP 204.71.200.75 that is pointing to a host on the inside with IP 10.1.1.75.

NetMeeting uses the following Internet Protocol (IP) ports:

Port Purpose

-------------------------------------

389 Internet Locator Server [Transmission Control Protocol (TCP)]

522 User Location Server (TCP)

1503 T.120 (TCP)

1720 H.323 call setup (TCP)

1731 Audio call control (TCP)

Dynamic H.323 call control (TCP)

Dynamic H.323 streaming [Realtime Transport Protocol (RTP) over User Datagram Protocol (UDP)]

To establish outbound NetMeeting connections through a firewall, the firewall must be configured to do the following:

a. Pass through primary TCP connections on ports 522, 389, 1503, 1720 and 1731.

b. Pass through secondary UDP connections on dynamically assigned ports (1024-65535).

The H.323 call setup protocol (over port 1720) dynamically negotiates a TCP port for use by the H.323 call control protocol. Also, both the audio call control protocol (over port 1731) and the H.323 call setup protocol (over port 1720) dynamically negotiate User Datagram Protocol (UDP) ports for use by the H.323 streaming protocol, called the real time protocol (RTP). In NetMeeting, two ports are determined on each side of the firewall for audio and video streaming. These dynamically negotiated ports are selected arbitrarily from all ports that can be assigned dynamically.

NetMeeting directory services require either port 389 or port 522, depending on the type of server you are using. Internet Locator Servers (ILSs), which support the lightweight directory access protocol (LDAP) for NetMeeting 2.0 or later, require port 389. User Location Servers (ULSs), developed for NetMeeting 1.0, require port 522.
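An added example, not part of the reply above: a small Python check that reads PIX `conduit` lines and reports which of the fixed NetMeeting TCP ports from the port table are not opened for the translated address, which opened ports fall outside that list, and whether the H.323 fixup is enabled. The function name `audit` and the sample input are assumptions made for illustration.

```python
import re

# Fixed TCP ports from the port table in the reply above. The dynamic H.323
# ports are not listed: on the PIX they are left to "fixup protocol h323".
NETMEETING_TCP = {389, 522, 1503, 1720, 1731}
NAMED_PORTS = {"h323": 1720}  # port literal used in the sample config

CONDUIT = re.compile(r"^conduit permit tcp (\S+) (\S+) eq (\S+) (.+)$")

def audit(config, global_ip):
    """Compare conduits for global_ip against the NetMeeting port list.

    Returns (missing, extra, fixup): sorted required ports with no conduit,
    sorted ports opened beyond the list, and whether H.323 fixup is on.
    """
    opened, fixup = set(), False
    for raw in config.splitlines():
        line = raw.strip()
        if re.match(r"^fixup protocol h323\b.*\b1720$", line):
            fixup = True
        m = CONDUIT.match(line)
        if not m:
            continue
        # Accept both "<ip> <mask>" and "host <ip>" address forms.
        ip = m.group(2) if m.group(1) == "host" else m.group(1)
        if ip != global_ip:
            continue
        port = m.group(3)
        opened.add(NAMED_PORTS.get(port, port))
    # Numeric strings become ints; unknown port names stay as strings.
    opened = {int(p) if str(p).isdigit() else p for p in opened}
    missing = sorted(NETMEETING_TCP - opened)
    extra = sorted(opened - NETMEETING_TCP, key=str)
    return missing, extra, fixup

# Constructed input: the reply's sample with the 1503 conduit dropped and an
# unrelated port (23) added, so both kinds of finding show up.
SAMPLE = """\
fixup protocol h323 1720
static (inside,outside) 204.71.200.75 10.1.1.75 netmask 255.255.255.255 0 0
conduit permit tcp 204.71.200.75 255.255.255.255 eq 389 any
conduit permit tcp 204.71.200.75 255.255.255.255 eq 522 any
conduit permit tcp 204.71.200.75 255.255.255.255 eq 1731 any
conduit permit tcp 204.71.200.75 255.255.255.255 eq h323 any
conduit permit tcp 204.71.200.75 255.255.255.255 eq 23 any
"""

if __name__ == "__main__":
    missing, extra, fixup = audit(SAMPLE, "204.71.200.75")
    print("missing:", missing, "extra:", extra, "h323 fixup:", fixup)
```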