I've setup a watchguard firebox X1000 to forward all the required ports for our Tandberg 6000. The Tandberg is set to use the external NAT address and can place calls just fine.

when receiving calls, it rings, acts like it connects, but we see nothing. In the firewall we can see it accepts the initial packet but then drops the subsequent few.

Apparently this has something to do with h323 through the firewall but I'm stumped how to configure this Watchguard Firebox to behave nicely with incoming VTC. Any suggestions?

Wow no replies after 27 views... does that mean I should ditch the Watchguard and go with a Sonicwall or Pix?

sounds like a port NAT'ing or PAT'ing issue where the call is being set up using the correct port/addresses but the media is being routed to different addresses.

Can you provide me more information on this matter?

johntvery@operamail.com

johntvery@hotmail.com

Can you telnet to the Tandberg and capture the log file when attempting a connection? (hyperterminal and 'syslog on' when connected....don't forget to turn syslog off when done)

What packets are dropped? IP addresses and port numbers?

fyi i fixed this issue by changing the Watchguard to "Drop-In Mode" and giving the VTC units externally routed IP addresses. They still go through the firewall now, and the firewall rules and QoS apply, but the codecs themselves have the external addresses and don't go through NAT.