PDA

View Full Version : polycom vsx 5000 and watchguard x-500 firewall issue .......?

ROYAL
01-01-2007, 11:54 PM
--------------------------------------------------------------------------------

Dear sir,

I have installed one vsx 5000 in our cutomers permises.From there i am able to make the calls and receive the video calls in a LAN.when ever we are trying to make a video calls from outside LAN(public ip's & Test sites) call is connecting and there are able to recive our video and audieo,But we are unable to recive the audieo and video from the farend .
The system is installed under "WATCHGUARD X-500" firebox in that what are ports to open for effictive video conferencing.(any additional settings is required so far the vsx 5000 system and firewall)

we tryed with
80-89,1503,1718,1719,1720,1731,8080-tcp ports

1024-65535 -udp ports opened then also iam not able to recive farend audio & video then all the incoming and outgoing (TCP & UDP)ports opened in the fire wall,then also iam not able to recive farend audio & video .




if any one has faced this type of problem please help on this issue what are ports to be open in Watchguard x-500 firewall and any additional settings should require for the Watchguard x-500 and vsx 5000 system.


THANKS & WARM REGARDS

LOKANADHA REDDY.A,
project & Customer Engineer,
lokanadh.reddy @gmail.com,
HCL Infinet Ltd., india.
www.hcl.in
senthil
01-02-2007, 12:33 AM
hi
why don't u put ur VSX 5000 in DMZ instead of using firewall and open all the ports and eventhough ur not able to send video and audio?

Senthil
ROYAL
01-02-2007, 09:48 PM
hiiiiiiii


what is the meaning of the "DMZ" ? .
Actually cuustomer is having the three polycom vsx 5000 systems in thier organigation.one is in head office, and another two are installed at respective branch offices.one branch office is having LAN(VPN) connectivity,second branch office is not having LAN facility so they are using public ip.In the LAN we are able to communicate with the branch office & they are able to communicate us.

if i am dailng outside the LAN (public ip's or any test sites) call is connecting,they are able to receive the our audio & video.but we are unable to receive the far end audio & video .


any suggestions on that..............,?
senthil
01-03-2007, 01:14 AM
DMZ
Demilitarized Zone - A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.

If your customer router supports DMZ and tell them to create a DMZ zone and place the VSX 5000 and u can call either the public VSX5000 or the internal one.

hope this will help u

Thanks

Senthil
Conexus_it
03-01-2007, 12:04 PM
Just ran into this problem myself...(possibly the same problem...)

Update the Fireware version on your X500 to 8.5. Earlier releases didn't differentiate between vpn h323 and external h323, so it all got sent through the linux conntrack helper for that protocol, even when it wasn't being natted through the tunnel, same thing for h.225.

Once up-to-date, VC through VPN works very nicely!

You might want to look at some of the QOS articles about vpn traffic control to ensure that you have consistent video performance through the tunnel as well, (once you get it going...)

Good Luck!