Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1274
Views
0
Helpful
6
Replies

Question about Video conference

Go to solution
Luis Carranza
Level 1
Level 1

‎10-20-2010 09:36 AM - edited ‎03-11-2019 11:57 AM

Hi guys I got a situation right now, my client wants to make videoconference call thorugh Microsoft Office Communicator, this should be operating between host from one site to another one, but we already configured some rules in the firewalls, and making some test I see that the videoconference use dynamic ports (1024 to 65535) and if we let to operate the videoconference we should remove all the rules in the firewall and that's not the point, so If you know any solution to this issue please let me know.

Regards

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Maykol Rojas
Cisco Employee
Cisco Employee
In response to Luis Carranza

‎10-20-2010 02:13 PM

Hello Luis,

No problem, hopefully waiting for this to be supported. Would you please marked this issue as closed?

Thanks!

Mike

Mike

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Maykol Rojas
Cisco Employee
Cisco Employee

‎10-20-2010 11:52 AM

Hello Luis,

Microsoft Office communicator uses a protocol that is called STUN if it goes over UDP. Unfortunately STUN is not supported on the ASA, thus video conference calls using Office communicator wont work. This is because over the communication already established they open new channels for new traffic flow, since the firewall does not see this traffic, the packets get dropped.

Hope it helps.

Mike

Mike
0 Helpful

Go to solution
Luis Carranza
Level 1
Level 1
In response to Maykol Rojas

‎10-20-2010 01:21 PM

Hi Maykol

In fact I was making test with 2 users and only when I remove the security rules and it works but when I apply the security rules the connection drops because every new connection uses different ports. I was wondering if there are any other method to get this work but I'm affraid there is not.

Regards

0 Helpful

Go to solution
Maykol Rojas
Cisco Employee
Cisco Employee
In response to Luis Carranza

‎10-20-2010 02:09 PM

Hello Luis

That is exactly the problem. I talked to the folks from Microsoft when I had this issue and they told me how Communicator works, during the call they start another control channel in order to open the new dynamic set of ports, if the firewall does not see these ports the traffic gets drop.

Hopefully STUN support will be introduced in New versions.

Cheers

Mike

Mike
0 Helpful

Go to solution
Luis Carranza
Level 1
Level 1
In response to Maykol Rojas

‎10-20-2010 02:11 PM

Thanks for your help Maikol. I really appreciate it.

Regards

0 Helpful

Go to solution
Maykol Rojas
Cisco Employee
Cisco Employee
In response to Luis Carranza

‎10-20-2010 02:13 PM

Hello Luis,

No problem, hopefully waiting for this to be supported. Would you please marked this issue as closed?

Thanks!

Mike

Mike
0 Helpful

Go to solution
cisco
Level 1
Level 1

‎01-09-2012 01:47 PM

Has anyone figured a work around for this problem?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card