NetMeeting requires several IP ports to establish the outbound connection. What need to be opened in your PIX are:
Port / Function
TCP-389 :Internet Locator Server
TCP-522: User Location Service
TCP-1720: H.323 call setup
TCP-1731:Audio call control
TCP-Dynamic: H.323 call control
UDP-Dynamic: H.323 streaming (RTP over UDP)
To establish outbound NetMeeting connections through a firewall, the firewall must be configured to do the following:
- Pass through primary TCP connections on ports 389, 522, 1503, 1720, and 1731
- Pass through secondary TCP and UDP connections on dynamically assigned ports (1024-65535)
The H.323 call setup protocol (over port 1720) dynamically negotiates a TCP port for use by the H.323 call control protocol. Also, both the audio call control protocol (over port 1731) and the H.323 call setup protocol (over port 1720) dynamically negotiate UDP ports for use by the H.323 streaming protocol, called the real time protocol (RTP). In NetMeeting, two UDP ports are determined on each side of the firewall for audio and video streaming, for a total of four ports for inbound and outbound audio and video. These dynamically negotiated ports are selected arbitrarily from all ports that can be assigned dynamically.
NetMeeting directory services require either port 389 or port 522, depending on the type of server you are using. Internet Locator Servers (ILSs), which support the lightweight directory access protocol (LDAP) for NetMeeting, require port 389. The User Location Service (ULS), developed for NetMeeting 1.0, require port 522.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...