To establish outbound NetMeeting connections through a firewall, the firewall must be configured to do the following:
- Pass through primary TCP connections on ports 389, 522, 1503, 1720, and 1731.
- Pass through secondary TCP and UDP connections on dynamically assigned ports (1024-65535).
TCP-389---------Internet Locator Service (ILS)
TCP-522---------User Location Service
TCP-1720--------H.323 call setup
TCP-1731--------Audio call control
TCP-Dynamic-----H.323 call control
UDP-Dynamic-----H.323 streaming Real-Time Transfer Protocol (RTP)
The following ACL example is used to allow outside user to establish netmeeting connection to internal host that mapped to Public ip of xx.xx.xx.xx
access-list outside permit tcp any host xx.xx.xx.xx eq 389
access-list outside permit tcp any host xx.xx.xx.xx eq 522
access-list outside permit tcp any host xx.xx.xx.xx eq 1503
access-list outside permit tcp any host xx.xx.xx.xx eq 1720
access-list outside permit tcp any host xx.xx.xx.xx eq 1731
access-list outside permit udp any host xx.xx.xx.xx range 1024 65535
access-group outside in interface outside
static (inside,outside) xx.xx.xx.xx aa.aa.aa.aa netmask 255.255.255.255 -> map your internal host IP to public IP. ***
If you have ACL applied on your firewall-inside interface and need to allow internal host to establish netmeeting session on the outside/internet, the ACL will be similar, except change the xx.xx.xx.xx IP to real internal host ip and static map *** is not required. Apply the ACL on the firewall-inside interface.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...