Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Firewall ports issue (H323. interconnection)

Status
Not open for further replies.
Guilherme1000

Guilherme1000

Technical User
Apr 17, 2012
270
BR
Hello all,

I have a interconnection between three sites over a H.323 trunk.

we have a firewall and this is causing several communications issues.

I have been looking for ports to enable on the firewall 'cause everytime the IT manager monitors the traffic, a new port has to be open.
then I've come across the H.323 ports problem, 'cause there is a large range of dynamic ports (1024-65535) wich may causes security issues if open.

I know somehow we can use NAT to provide additional security, but Im not sure how does it works.

How can I use it to solve my problem?
 
Sort by date Sort by votes
Do not use NAT....that will just stop H323 working completely. You need to open the ports if you want to use voice across the link, isn't each site secure in it's own right? IT men always overreact when it comes to opening ports on internal links, in reality if they are on the internal network having some open ports on those links is the least of your worries :)



"No problem monkey socks
 
Upvote 0 Downvote
Yes, but the dynamic RTP port range is like 49152 - 53246, not from 1024 so some 48,128 ports fewer than you thought :)



"No problem monkey socks
 
Upvote 0 Downvote
do you know any specific documentation that contains the exactly range of ports?
 
Upvote 0 Downvote
Here is an extract from the installation manual, even shows the traffic direction :)



"No problem monkey socks
 
Upvote 0 Downvote
just a sanity check
you are using a VPN between sites correct?
don't try a direct connection on public IP Addresses it would be a major security risk.

if it is a vpn then there is no point in blocking ports

A Maintenance contract is essential, not a Luxury.
Do things on the cheap & it will cost you dear
 
Upvote 0 Downvote
We know that, but some people who should know better just don't :)



"No problem monkey socks
 
Upvote 0 Downvote
Look if you have H323 ALG on your router to, you need to unchek it if you are ...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

A
  • Locked
  • Question
Avaya IP Phone 9620 H323 Firmware 1
Replies
2
Views
569
abdulwahabavaya
A
DiscLight
  • Locked
  • Question
Analog Unsupervised Disconnect issue 4
Replies
8
Views
659
Nortel4Ever
Nortel4Ever
tnestel
  • Locked
  • Question
One way audio issue
Replies
8
Views
542
derfloh
derfloh
TnPtech
  • Question
Avaya IP Office -IP phone issue. 1
Replies
12
Views
446
TnPtech
TnPtech
Nortel4Ever
  • Locked
  • Question
Avaya Cloud Office J179/JEM Issue
Replies
5
Views
453
Nortel4Ever
Nortel4Ever

Part and Inventory Search

Sponsor

Back
Top