h.323 conversation

Answered Question
Mar 25th, 2008

Hello, I am looking for help on configuring the h.323 inspection rules on a ASA5520. I have a h.323 device on my inside network that moves around and i would like to create a rules that allow h.323 traffic to specific outside devices. Can anyone help me out with this configuration? Thanks!

I have this problem too.
0 votes
Correct Answer by didyap about 8 years 8 months ago

You must permit traffic for the well-known H.323 port 1720 for the H.225 call signaling; however, the H.245 signaling ports will be negotiated between the endpoints in the H.225 signaling. Also note that the security appliance does not support TCP options in the Proxy ACK for the TPKT. Following link may help you

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/inspect.html#wp1229306

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
didyap Mon, 03/31/2008 - 09:32

You must permit traffic for the well-known H.323 port 1720 for the H.225 call signaling; however, the H.245 signaling ports will be negotiated between the endpoints in the H.225 signaling. Also note that the security appliance does not support TCP options in the Proxy ACK for the TPKT. Following link may help you

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/inspect.html#wp1229306

Actions

This Discussion