In this case they have a PIX Firewall and I believe the IPIPGW could either sit on the Inside or the DMZ as long as UDP 1719 is open to the IPIPGW. The question is about the dial peers. I will have one H323 dial peer pointing towards my internal GK so that if someone calls from the outside they can get routed through my GK. I will also have CCM configured with a RP pointing to a GK controlled trunk that point to the IPIPGW for outbound calling so that you can out dial from MP. The question is since the end points on the internet can originate from any IP address how do you design the out bound dial peer so that you can connect it through the IPIPGW. All the examples I see just have session target ras or session target DNS Server IP address (but that seems to be SIP specific).
Does have anyone have a good working config/ document in this type of Video set up? Are there any caveats or design points I need to be aware of?
So let me explain this topology. We have a customer who is running MP with Video integration and everything works fine as long as the calls are generated inside the network. What we are trying to do is have a Video end point on the Internet come in through the IPIPGW who has an internal GK process running. It then sends the call to another GK inside the network who then routes it accordingly to MP. What I am trying to do is to leave MP out of the picture since the official word from the BU is that they have not tested this topology but instead try to get a simple video call going from the outside to the inside. Right now what we have done is add the IPIPGW as a H323 Gateway in CCM and internally we can make Pt to Pt Video calls but from the outside its failing. Now the customer is not doing the recommended way which is hanging the IPIPGw of the DMZ or keeping it on the inside. Instead they have one interface of the IPIPGW on the outside and one on the inside thereby bypassing the firewall so as to avoid any issues with PIX blocking any packets. The inside interfaces of the IPIPGW can be reached by everyone on the inside of the network, the outside interface is a Public IP that is of course not reachable on the inside and I am not sure if we are having issues there. I would greatly appreciate it if you could share your IPIPW config and PIX config where you opened the port for the IPIPGW? So basically I am trying to get inbound calls to work and then move on to outbound calls. Any config that you can share would help us since this has been open with TAC for more than 2 weeks now. I can provide my email address if you want to send it to me directly. I can then also share my Visio of the toplogy of what the entire design is.
Sure, give me your email, I I'll send my configs over. Not sure about your video deployment and what is needed to match in/out. My environment is H.323 voice and dialpeers are matching on called numbers and destination patters.
On the PIX, I basically opened up h.323, RAS, RTP, and a lot of other CCM specific stuff. Cisco published a TCP/UDP port usage doc for CCM version X.XX You might need to look at your fixups on the pix too.
Also regarding the ports I am even more confused since the whole point of the IPIPGW the way I understand is to be a video proxy. According to the Networkers slides you are supposed to open only UDP 1719 through the PIX to the IPIPGW address. Once you send your configs I can send you the screen shot for the slides and other network diagrams. In this case since the IPIPGW is parallel to the PIX it should be open completely and all ports should be allowed.
Are you getting this error “Installer User Interface Mode Not Supported. The installer cannot run in this UI mode. To specify the interface mode, use the -i command-line option, followed by the UI mode identifier. The value UI mode identifiers...
The below trick might come handy when you have to add a new node to a cluster but you don't have or is unsure of the security password for the publisher. This procedure has been around for ages.
1) Login into the CLI of the Publisher.