×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

H323 - PIX 515E

Unanswered Question
Nov 6th, 2003
User Badges:

hi everyone

my problem's about right configurationf for a pix

515e running 6.3.3


the pix is installed between the router which is the end-point to the internet and the internal lan.


The PIX shounld:


make dynamic nat for the private clients for navigating


make static nat for a private GK installed on the private network (the same of the clients) on one pubblic address

---|

ROUTER ----- pif 515e (failover) | private Net

---| (gk and video

inside here)


the videocommunication from the video conference box (video) works like this:


i see and hear the other part

they cant hear and see me


gateways are ok.


Is that possible that making dynamic nat for the whole private network creates problems to the static nat configured for the GK (which is in the same private net) ?


anyone heard particular problems with 6.3.3 regarding

h323?


FROM the CISCO site


(http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a008017278b.html#1079378) :


". If you configure a network static where the network static is the same as a third-party netmask and address, then any outbound H.323 connection fails."


SOMEONE can translate me this point? i couldn't get it..but seems interesting




waiting for suggestions

thanks




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
drolemc Wed, 11/12/2003 - 11:28
User Badges:
  • Silver, 250 points or more

Static takes preference over dynamic and should not be a problem. However, if you still suspect that including the whole private network in dynamic nat is interfearing with the static translation, you could add an additional deny statement to your access list (that defines the inside addresses to be dynamically natted). A similar configuration example for routers is available at http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093f31.shtml

Actions

This Discussion