Re: PIX520 and H323

tasksrl7808 · ‎02-08-2006

Hi!

I have a problem on permitting H323 traffic through a PIX 520 IOS ver 6.3 (3).

These are rules setted to allow traffic:

fixup protocol h323 h225 1720

fixup protocol h323 ras 1718-1719

They don't seem to be working (I tried also to add ACLs without any result):

Feb 1 17:28:01 "PRIVATE PIX IP" %PIX-6-302015: Built inbound UDP connection 51200646 for outside: "PUBLIC OUTSIDE H323 ENDPOINT"/14698 ("PUBLIC OUTSIDE H323 ENDPOINT"/14698) to inside:"INSIDE H323 ENDPOINT"/1719

Feb 1 17:28:01 "PRIVATE PIX IP" %PIX-6-302015: Built inbound UDP connection 51200648 for outside:"PUBLIC OUTSIDE H323 ENDPOINT"/14699 ("PUBLIC OUTSIDE H323 ENDPOINT"/14699) to inside:"INSIDE H323 ENDPOINT"/1719

Feb 1 17:28:16 "PRIVATE PIX IP" %PIX-6-302016: Teardown UDP connection 51196548 for outside:"PUBLIC OUTSIDE H323 ENDPOINT"/14618 to inside:"INSIDE H323 ENDPOINT"/1719 duration 0:05:04 bytes 952

I have read somewhere that it's probably because of IOS ver 6.3 only works with H323 ver 1 and 2, but not with ver 3! Is this true?

If it is, what can I do since I think I'm not able to upgrade PIX520 to IOS ver 7?

Regards

Francesco

spremkumar · ‎02-08-2006

Hi

i would suggest to check this data sheet which talks about the features the PIX OS 6.3 bring in.

If you check under Voice over IP (VoIP) and Multimedia its very clear that it does supports H.323 Version 3 and 4.

So i dont think the OS has something to do with the error msg.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a0080148714.html

regds

tasksrl7808 · ‎02-09-2006

Hi!

Thank you for the interest. However I have still problems even if my PIX configuration is like the one reported in this documentation by CISCO:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00801fc74a.shtml

Regards

Francesco