not H.323-aware NAT on pix 515 firewall with ios version 7.2

Unanswered Question
Jun 4th, 2008

How H.323-aware feature in

the pix device disabled.I have done ststic natting for voip media gateway.Over the static nat its not working.I got to know that the pix device must be with H.323-aware feature disabled.

Could you please let me know how to configure it.

I have done following changes but no luck

policy-map global_policy

> class inspection_default

> no inspect h323 h225

> no inspect h323 ras

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
hadbou Tue, 06/10/2008 - 06:18

The two major functions of H.323 inspection are as follows:

1)NAT the necessary embedded IPv4 addresses in the H.225 and H.245 messages. Because H.323 messages are encoded in PER encoding format, the security appliance uses an ASN.1 decoder to decode the H.323 messages.

2)Dynamically allocate the negotiated H.245 and RTP/RTCP connections.

Refer the following url for more information on the "inspect H323" command:

http://www.cisco.com/en/US/docs/security/asa/asa81/command/ref/i2.html#wp1709182

Refer the following url for more information on configuring H323:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008081042c.shtml#configs3

Actions

This Discussion