Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

NAT and h323 in IOS


I'm trying to setup a videoconference and I have a 2801 router (12.4(18c)) with NAT configuration between units but It doesn't work. I captured some packets with sniffer and I can see that units are trying to send voice and video information to the real IP address (not natted ip address in router). NAT and h323 is supported in Cisco? Should I apply a specific configuration in router?

Please let me know your comments.

TIA. Regards.

Cisco Employee

Re: NAT and h323 in IOS


We do support NAT and H323:

If you want to hide the real addresses, your unit should be configured to point to the Outside local or Inside Global address.

Could you describe your topology/configuration and your NAT policy ?



Community Member

Hi, I'm getting the same



I'm getting the same problem.

I'm using one static NAT 1:1 ip nat inside source static IPoutside IPlocal

When the polycom outside endpoint call H323 to inside endpoint by using IPoutside, the call can establish successfully. The outside endpoint cannot see/hear the endpoint inside. But the endpoint inside can see/hear the endpoint outside.

I'm using Cisco Router 2811. IOS version c2800nm-entservicesk9-mz.151-4.M7.bin

Does anyone know what's problem? Do I need to configure anything else to make this conference working.

Thanks in advanced.

Community Member

Re: NAT and h323 in IOS


I think your problems lies with the fact that by default a cisco router does not know to nat correctly the h.323 protocol, because ports are being generated dynamically inside the H.323 conversations (similar to dynamic port allocation in FTP)

So. The only way to fix this problem in my oppinion is to upgrade your IOS to support IOS Firewall feature (specifically IOS-FW - H323 v3/v4 Support) which is basically able to look inside the h323 packet and decode it.

I advise you to use Cisco Feature Navigator to find an IOS suitable for your platform with this support

Cisco Feature navigator link: (go to Search by feature)

Use the following documentation for more information regarding H.323 in Cisco IOS Firewall . (you basically need to enable ip inspection of h323 protocol to get this working)

CreatePlease to create content