VCS StarterPack H.323 IP Dial Out and UDP 1719 LRQ problem
I have a VCS Starter Pack with Dual Interface and NAT configuration. This is a demo setup and therefore all settings have been made with IP addresses.There is No SRV records. The customer has a Checkpoint firewall and we made NAT configüration between Public IP address and VCS LAN2 IP addresses.
There is a Tandberg MXP system registered to this VCS StarterPack over H.323 and SIP.
MXP system can receive H.323 call like(mxp@213.X.X.X) and SIP Call (mxp1700@213.X.X.X).
I checked the logs and we found the below issue with firewall guy on the Checkpoint firewall.
VCS Starterpack sends LRQ packet to the outside and the outside answer LCF packet to our public IP address of the VCS. The Checkpoint Firewall
receive this packet but doesn't make any NAT translation for 1719 UDP packet and VCS StarterPack doesn't receive this LCF package.
There is some issue when I make a call to the public IP address of the test VC System on the internet.
Is there any special config at the checkpoint firewall or I forgot some point on the VCS? We made special rule on the Checkpoint to translate 1719 UDP port to the VCS Starterpack LAN 2 interface but when we check the report we can see there is no Translation.
Now I am checking internet about this issue may be I can found some detail about the solution.
Re: VCS StarterPack H.323 IP Dial Out and UDP 1719 LRQ problem
Checkpoint firewalls are known to require some off the shelf config changes. I believe the packet inspection on a Checkpoint is called SmartDefence. You will need to turn it off for h323 and SIP. Even after turning it off, it will still perform packet inspection on those protocols if you use the builtin protolanguage rules, you will need to define a custom protocol with all the required ports. Then use that protocol definition when building the allow rules for communication.
SIP traces provide key information in troubleshooting SIP Trunks, SIP
endpoints and other SIP related issues. Even though these traces are in
clear text, these texts can be gibberish unless you understand fully
what they mean. This document attempts to br...
Please find the attached HTML document, download and open it on your PC.
This provides an easy to use form where you simply answer a few
questions and it will render the proper jabber-config.xml file for you
to copy/paste. There is built in logic to verif...
CUCM Database Replication is an area in which Cisco customers and
partners have asked for more in-depth training in being able to properly
assess a replication problem and potentially resolve an issue without
involving TAC. This document discusses the bas...