Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3609
Views
0
Helpful
1
Replies

Quickset SX20 external H.323 Access Via Internet

Bill.Anderson
Level 1
Level 1

‎10-12-2012 10:28 AM - edited ‎03-17-2019 11:58 PM

Hi Folks,

I have a Quickset SX20 Integrated into CUCM 8.6.2 and can connect via iPad Jabber internally, and can create multipoint conferences including external H.323 destinations.

Im trying to get this "visible" on the internet, and have created _h323cs and _h323ls SRV records etc, and have opened up the relevant ports inbound on my firewall (UDP 1719, TCP 1720, TCP 5555-6555 and UDP 2326-2487).  Using a 3rd Party H.323 Video client on my Mac, I can connect internally via H.323 and establish a video call, however when the same is tried via the internet public IP of the SX20, I cannot connect.

Some debugging on the H.323 client shows that we establish an H.225 session an intital connection is established up to the point where we start H.245, and the SX20 offers (in one example below) the TCP port 5574 for connection for H.245, but when the client tried to establish H.245 on this port, the connection is refused

Abridged log file.

5:59.786    H225 Calle...er:be707d0            h323.cxx(3379)    H323    InternalEstablishedConnectionCheck: connectionState=AwaitingSignalConnect fastStartState=FastStartDisabled

  5:59.953    H225 Calle...er:be707d0         h323pdu.cxx(566)    H225    Receiving PDU:

  {

    q931pdu = {

      protocolDiscriminator = 8

      callReference = 28599

      from = destination

      messageType = Connect

      IE: Bearer-Capability = {

        88 18 86 a5                                        ....

      }

     

    }

    h225pdu = {

      h323_uu_pdu = {

        h323_message_body = connect {

          protocolIdentifier = 0.0.8.2250.0.6

          h245Address = ipAddress {

            ip =  4 octets {

              57 55 72 be                                        WUr.

            }

            port = 5574

Then

5:59.953    H225 Calle...er:be707d0            h323.cxx(2354)    H225    CreateOutgoingControlChannel h245Address = ipAddress {

     ip =  4 octets {

       57 55 72 be                                        WUr.

     }

     port = 5574

   }

  5:59.953    H225 Calle...er:be707d0      transports.cxx(1544)    OpalTCP    Connecting to <removed IP>:5574 (local port=30006)

  6:00.034    H225 Calle...er:be707d0      transports.cxx(1553)    OpalTCP    Could not connect to <Removed IP>:5574 (local port=30006) - Connection refused(61)

  6:00.034    H225 Calle...er:be707d0            h323.cxx(2380)    H225    Connect of H245 failed: Connection refused

The NAT Settings on the SX20 have the Public IP, NAT set to Auto, Call Setup to Direct and Port Allocation to Static.

I have checked the firewall (Cisco 2821) and the relevant ports are allowed.  The SX20 has a full static 1:1 NAT and the inbound ACL is confgured correctly.

The H.245 message also includes the correct public IP also.

If anyone has any ideas, it would be appreciated.

Regards

Bill

Labels:
0 Helpful
1 Reply 1

VIVLINUX1200
Level 1
Level 1

‎11-08-2012 09:54 AM

Hi Bill,

Please verify following information:

1. SX20 is integrated as H323 Client in CUCM

As per the configuration you mentioned related to SX20 

The NAT Settings on the SX20 have the Public IP, NAT set to Auto, Call Setup to Direct and Port Allocation to Static.

It seems that SX20 is not integrated with CUCM as H323 client

2. What DNS entry you made for  _h323cs and _h323ls, as per configuration on SX20 it seems that only IP address dialling is possible ?

3. What did you dialled from H323 client on MAC, is it Public IP address of SX20 or some URI ?

Regards,

Vivek

0 Helpful
Customers Also Viewed These Support Documents