Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 525 - PAT & NAT 1-1 for rtsp 554 and 7070

We have a PIX 525, setup to do PAT, we are having problems getting RealPlayer to work, over rtsp 554 and 7070, 7071.

Question, the following cisco site says PAT & NAT 1-1 won't work with rtsp.

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a008017278b.html#wp1063957

look at table 5-1, and rtsp it says no PAT and no NAT (1-1).

Is this true for NAT 1-1? was this limited to a certain IOS?

Do we have to do pool to pool NAT for it to work?

1 REPLY
Silver

Re: PIX 525 - PAT & NAT 1-1 for rtsp 554 and 7070

PIX having some restriction for Streaming Media.

The fixup protocol rtsp command lets PIX Firewall pass RTSP packets. RTSP is used by RealAudio, RealNetworks, Apple QuickTime 4, RealPlayer, and Cisco IP/TV connections. PIX Firewall does not support multicast RTSP.

If you are using Cisco IP/TV, use RTSP TCP port 554 and TCP 8554:

fixup protocol rtsp 554

fixup protocol rtsp 8554

PAT is not supported with the fixup protocol rtsp command

PIX Firewall cannot perform NAT on RTSP messages because the embedded IP addresses are contained in the SDP files as part of HTTP or RTSP messages. Packets could be fragmented and PIX Firewall cannot perform NAT on fragmented packets.

RTSP inspection does not support PAT or dual-NAT. Also, PIX Firewall cannot recognize HTTP cloaking where RTSP messages are hidden in the HTTP messages.

Try this:

Disable RTSP protocol inspection as a workaround

392
Views
0
Helpful
1
Replies
CreatePlease to create content