Problems with Tandberg IP conferencing

Archived from groups: comp.dcom.videoconf (More info?)

We are having major problems establishing IP videoconference on a
Tandberg 800 system. We can NetMeeting to<>from external but cannot
establish an IP call to a 'real' videoconferencing system.

Firewall is SEF - rules appear to have been setup apropriately - call
arrives on the Tandberg but does not get back out through the
Firewall. NAT is in use at the Firewall but not on the Tandberg itself
- allowing the Firewall to handle this.

Is there anyone out there who has had a similar problem with this
combination? We have even opened up the Firewall rules for the
Tandberg (temporarily) but still cannot communicate.

I have emailed Tandberg but as yet have had no response.

ISDN works fine.

I would welcome any advice....

Thanks in advance.

LC
5 answers Last reply
More about problems tandberg conferencing
  1. Archived from groups: comp.dcom.videoconf (More info?)

    LC,
    Tandberg tech support is usually pathetic and very arrogant.
    What ports did you open and what firewall rules did you set?
    Also what is 'Firewall SEF', which brand of firewall are you using.

    RS


    On 27 Apr 2004 08:44:11 -0700, lesley.chaddock@biwater.com (LC) wrote:

    >We are having major problems establishing IP videoconference on a
    >Tandberg 800 system. We can NetMeeting to<>from external but cannot
    >establish an IP call to a 'real' videoconferencing system.
    >
    >Firewall is SEF - rules appear to have been setup apropriately - call
    >arrives on the Tandberg but does not get back out through the
    >Firewall. NAT is in use at the Firewall but not on the Tandberg itself
    >- allowing the Firewall to handle this.
    >
    >Is there anyone out there who has had a similar problem with this
    >combination? We have even opened up the Firewall rules for the
    >Tandberg (temporarily) but still cannot communicate.
    >
    >I have emailed Tandberg but as yet have had no response.
    >
    >ISDN works fine.
    >
    >I would welcome any advice....
    >
    >Thanks in advance.
    >
    >LC
  2. Archived from groups: comp.dcom.videoconf (More info?)

    Hi RS

    SEF = Symantec EnterPrise FireWall

    The specific Inbound and Outbound rules are as follows:
    Rule ID: xx
    Description: VC Inbound
    Access Mode:
    Allow Services: H245 h323 h323* telnet*
    Service Limits: telnet h323 5555-5560/udp 1720/tcp
    Proxy Limits: ftp-disallow-gets:0 ftp-disallow-puts:0
    Advanced Services:
    Application Scanning: 1
    In Via: int-external
    Out Via: int-internal.new
    Source: Universe*
    Destination: host-tandburg-n.n.n.n
    Time: Authentication: User: User: Group: Group: Alert 5 minutes
    threshold: Alert 15 minutes threshold: Alert Hour threshold: Alert
    Day threshold: Alert Week threshold: Log Normal Activity:
    1 Application Data Scanning: 1

    Rule ID: xx
    Description: VC Outbound
    Access Mode:
    Allow Services: H245 h323 h323* VC_UDP
    Service Limits: h323 5555-5560/udp 1720/tcp 2326-2375/udp
    Proxy Limits: ftp-disallow-gets:0 ftp-disallow-puts:0
    Advanced Services:
    Application Scanning: 1
    In Via: int-internal.new
    Out Via: int-external
    Source: host-tandburg-n.n.n.n
    Destination: Universe* Time: Authentication: User: User: Group:
    Group: Alert 5 minutes threshold: Alert 15 minutes threshold:
    Alert Hour threshold: Alert Day threshold: Alert Week threshold:
    Log Normal Activity: 1 Application Data Scanning: 1

    We were also advised by Symantec to disable the H323 proxy...

    Does this enlighten any?

    Thanks
    LC

    ArthurLange <artielange@cox.net> wrote in message news:<fit0909nlj5kt363ugepbmavfg2ifg7u9g@4ax.com>...
    > LC,
    > Tandberg tech support is usually pathetic and very arrogant.
    > What ports did you open and what firewall rules did you set?
    > Also what is 'Firewall SEF', which brand of firewall are you using.
    >
    > RS
    >
  3. Archived from groups: comp.dcom.videoconf (More info?)

    Just about every video conferencing system on the market uses different
    layer 4 ports. Most H323 aware firewalls are behind in the stack versions
    being used by the popular VTC systems on the market

    Tandberg has a document that will specify ports etc. to open. Ask them for
    it.


    "LC" <lesley.chaddock@biwater.com> wrote in message
    news:5e3eba6.0404270744.50691a3f@posting.google.com...
    > We are having major problems establishing IP videoconference on a
    > Tandberg 800 system. We can NetMeeting to<>from external but cannot
    > establish an IP call to a 'real' videoconferencing system.
    >
    > Firewall is SEF - rules appear to have been setup apropriately - call
    > arrives on the Tandberg but does not get back out through the
    > Firewall. NAT is in use at the Firewall but not on the Tandberg itself
    > - allowing the Firewall to handle this.
    >
    > Is there anyone out there who has had a similar problem with this
    > combination? We have even opened up the Firewall rules for the
    > Tandberg (temporarily) but still cannot communicate.
    >
    > I have emailed Tandberg but as yet have had no response.
    >
    > ISDN works fine.
    >
    > I would welcome any advice....
    >
    > Thanks in advance.
    >
    > LC
  4. Archived from groups: comp.dcom.videoconf (More info?)

    "LC" <lesley.chaddock@biwater.com> wrote in message
    news:5e3eba6.0404300831.1a48bb57@posting.google.com...
    > Hi RS
    >
    > SEF = Symantec EnterPrise FireWall
    >
    > The specific Inbound and Outbound rules are as follows:
    > Rule ID: xx
    > Description: VC Inbound
    > Access Mode:
    > Allow Services: H245 h323 h323* telnet*
    > Service Limits: telnet h323 5555-5560/udp 1720/tcp
    > Proxy Limits: ftp-disallow-gets:0 ftp-disallow-puts:0
    > Advanced Services:
    > Application Scanning: 1
    > In Via: int-external
    > Out Via: int-internal.new
    > Source: Universe*
    > Destination: host-tandburg-n.n.n.n
    > Time: Authentication: User: User: Group: Group: Alert 5 minutes
    > threshold: Alert 15 minutes threshold: Alert Hour threshold: Alert
    > Day threshold: Alert Week threshold: Log Normal Activity:
    > 1 Application Data Scanning: 1
    >
    > Rule ID: xx
    > Description: VC Outbound
    > Access Mode:
    > Allow Services: H245 h323 h323* VC_UDP
    > Service Limits: h323 5555-5560/udp 1720/tcp 2326-2375/udp
    > Proxy Limits: ftp-disallow-gets:0 ftp-disallow-puts:0
    > Advanced Services:
    > Application Scanning: 1
    > In Via: int-internal.new
    > Out Via: int-external
    > Source: host-tandburg-n.n.n.n
    > Destination: Universe* Time: Authentication: User: User: Group:
    > Group: Alert 5 minutes threshold: Alert 15 minutes threshold:
    > Alert Hour threshold: Alert Day threshold: Alert Week threshold:
    > Log Normal Activity: 1 Application Data Scanning: 1

    1) Upgrade Tandberg to latest release E3.2
    2) Switch on NAT awareness in the Tandberg. Terminal settings>LAN>Advanced
    AFAICR
    3) Test

    If you still get no joy then do this:

    > We were also advised by Symantec to disable the H323 proxy...
    >
    > Does this enlighten any?

    Remember these three things:
    a) NAT is evil
    b) NAT is evil, and
    c) NAT is evil

    Most likely the NAT prozy is translating the IP address in the header but
    the h323 aware proxy is not changing in in the application layer.

    If none of the above works then use the DMZ port on your firewall and make
    sure there is not evil NAT on that port, i.e. you using a public IP.

    And then speak to your vendor.

    > Thanks
    > LC

    -=-peas-=-
  5. Archived from groups: comp.dcom.videoconf (More info?)

    Sounds to me like you need another solution. We use and reccommend a
    software solution that is literally plug and play. have a look at
    www.whisperit.com/emeetings
Ask a new question

Read More

LAN IP Firewalls Networking