We have a problem where we can't get netmeeting to work properly over the PIX 525 firewall (version 5.3(2)). Audio and video are working fine but not data functionality (chat, ftp ...etc). We did permit the following tcp ports 7648, 1731, 1503, 8000, h323 and udp ports 7648, 24032, 135 (netbios-ns). I did not see any ports being blocked on the firewall at all.
The Cuseeme server used is on version 6.0 and the client netmeeting is on version 3.01.
The Cuseeme server (22.214.171.124) resides on the DMZ of the PIX. Users on the OUTSIDE of the PIX worked fantastically but not internal users on the INSIDE of the PIX.
We have the following translation on the firewall
global (perim) 1 172.30.1.2-172.30.45.254 netmask 255.255.0.0
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
Thinking that the NAT above might be the cause, we removed the NAT with the following commands
nat (inside) 0 access-list no_nat
access-list no_nat permit ip any 126.96.36.199 255.255.255.0
The above didn't work either.
Is there any issue with the PIX firewall version 5.3(2)? Does anyone know what the problem might be?
There has been many, many, many bug fixes since 5.3(2) with H323 and NAT/PAT among others. I'm actually surprised your audio/video is working, but the it's probably because you're NAT'ing the traffic and not PAT'ing.
Before troubleshooting this any further, I'd upgrade to 6.2(2) and see if everything works then. The nat changes you made to the config shouldn't make any difference, going by your original commands the traffic will be NAT'd and therefore should be OK.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :