Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

PIX & NAT & Video over IP

We are setup a video over ip through PIX firewall for demo. One RADvision MCU and one PictureTel viewstation are installed inside the PIX. Static NAT map for MCU and viewstation has been configured on PIX. Any traffic to MCU and viewstation are permitted. Default fixup include H.323 and H.323 RAS has been configured. Our problem is the call from Microsoft netmeeting outside the PIX to viewstation is ok but the reverse call has problem. The internal viewstation cannot get the video and audio from outside netmeeting but the netmeeting can show the video and audio from inside viewstation. We have use sniffer to analyse the packet and find that the return packet from outside netmeeting use the internal private IP address of viewstaion as its dest IP. The initail session setup of H.323(TCP/1720) is ok but the H.245 setup packet sent out from the PIX outside interface still use the internal IP address of viewstation in the data part of the packet. The initail session setup occurs between MCU and outside netmeeting but subsequent packets are between netmeeting and viewstation.I think this IP address in data part of the packet should be fixed up and replaced with real public IP address of viewstation configured on PIX. My PIX config is simple with just static NAT,access-list and fixup. Anyone can tell me if I need some other special config or this version of PIX (6.2) have bugs.

2 REPLIES
New Member

Re: PIX & NAT & Video over IP

I have a simular configuration with an Altigen Gateway behind the firewall, and a simular problem. I've been racking my head for a week already and can't get Netmeeting to work trough the PIX.

If you find anything please let me know!

Re: PIX & NAT & Video over IP

Often times complex troubleshooting issues are best addressed in an interactive session with one of our trained technical assistance engineers. While other forum users may be able to help, it’s often difficult to do so for this type of issue.

To open a case with one of our TAC engineers, visit http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

295
Views
0
Helpful
2
Replies
CreatePlease to create content