Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Yet another NetMeeting Question

Hey all,

Here is what I have and what I have done.

pix 515e 6.3.3 ios and 3.0.1 pdm

I created a service group called NetMeeting with the following TCP ports

1731

1720

1503

522

389

I have created a static translation of XXX.XX.XX.243 (public IP) to 10.1.1.89, the workstation in question.

static (inside, outside) XXX.XX.XX.243 10.1.20.2 netmask 255.255.255.255 0 0

I (think) I allow the traffic in and out using a service group that I created.

access-list inbound_traffic permit tcp any host XXX.XX.XX.243 object-group NetMeeting

access-list outbound_traffic permit tcp host 10.1.20.2 any object-group NetMeeting.

inbound traffic in bound to outside interface

outbound traffic is bound to inside interface

I have disabled the H323 fixup protocol. I have a bunch of other ACL's that are working fine. Just not this one.

Thanks

Matt

3 REPLIES
New Member

Re: Yet another NetMeeting Question

Matt,

I am also having a similar problem. Just one question about your approach: if you turn off h323 fixup, how will the discrepancy between the IP addr in the payload vs. the header be reconciled?

New Member

Re: Yet another NetMeeting Question

I am not quite sure. I thought that the static translation in the pix would handle that.

I am not sure what the fixup does exactly

Matt

New Member

Re: Yet another NetMeeting Question

Hey,

I realized that I had a cisco VPN client firewall on. I turned that off and I was able to contact a netmeeting session. I am still not able to have someone initate the call to my machine from the outside.

PAT on the firewall is taking care of address translation from an internal IP to the public interface of the pix. I enabled the fixup protocol and nothing changed. I can initiate a call, but someone from the outside can't call me. I am not allowing something by or my static translation is messed up.

Matt

91
Views
0
Helpful
3
Replies