Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX515e and Netmeeting

Hello,

I need the correct syntax to configure ip 67.117.78.183 to pass the Netmeeting protocol. Does anyone know the syntax and port for this protocol?

TIA,

Gary

2 REPLIES

Re: PIX515e and Netmeeting

Hi Gary,

To establish outbound NetMeeting connections through a firewall, the firewall must be configured to do the following:

- Pass through primary TCP connections on ports 389, 522, 1503, 1720, and 1731.

- Pass through secondary TCP and UDP connections on dynamically assigned ports (1024-65535).

Port------------Function

TCP-389---------Internet Locator Service (ILS)

TCP-522---------User Location Service

TCP-1503--------T.120

TCP-1720--------H.323 call setup

TCP-1731--------Audio call control

TCP-Dynamic-----H.323 call control

UDP-Dynamic-----H.323 streaming Real-Time Transfer Protocol (RTP)

The following ACL example is used to allow outside user to establish netmeeting connection to internal host that mapped to Public ip of xx.xx.xx.xx

Example:

access-list outside permit tcp any host xx.xx.xx.xx eq 389

access-list outside permit tcp any host xx.xx.xx.xx eq 522

access-list outside permit tcp any host xx.xx.xx.xx eq 1503

access-list outside permit tcp any host xx.xx.xx.xx eq 1720

access-list outside permit tcp any host xx.xx.xx.xx eq 1731

access-list outside permit udp any host xx.xx.xx.xx range 1024 65535

access-group outside in interface outside

static (inside,outside) xx.xx.xx.xx aa.aa.aa.aa netmask 255.255.255.255 -> map your internal host IP to public IP. ***

If you have ACL applied on your firewall-inside interface and need to allow internal host to establish netmeeting session on the outside/internet, the ACL will be similar, except change the xx.xx.xx.xx IP to real internal host ip and static map *** is not required. Apply the ACL on the firewall-inside interface.

More details is available at:

http://www.microsoft.com/windows/NetMeeting/Corp/reskit/Chapter4/default.asp#three

http://www.microsoft.com/technet/prodtechnol/netmting/reskit/netmtg3/part2/chapter4.mspx

Rgds,

AK

New Member

Re: PIX515e and Netmeeting

Wouldn't the h323 fixup handle most of this?

105
Views
0
Helpful
2
Replies