Sign in with
Sign up | Sign in
Your question

One-to-one nat, video conferencing

Tags:
  • Routers
  • IP
  • Video Conferencing
  • Internet Service Providers
  • Networking
Last response: in Networking
Share
February 4, 2010 3:30:50 PM

Hi all. I did a search before hand but didn't find much. Here's the situation:

We have 2 video conferencing rooms in our office, both ISDN capable, one IP capable(publicly, both have internal IP's). Verizon is our ISP with a 3m/768k connection, and our network is configured as follows:

modem -> Sonicwall tz170 -> switch -> Polycom VC cameras

Right now we have one public IP and that handles everything regular internet traffic and IP calls(ports forwarded to the designated VC equipment). We're looking to be able to do IP calling from our second room, and relatively soon. One guy I talked to who had sold us, and helped us setup, the second ISDN VC room told me I would need a gatekeeper, as he called it, to auto negotiate "extensions" that would be dialed by the IP far ends. The price he quoted was pretty astronomical, upwards of $5k. We're a small business and simply can't afford that.

I'm already in the networking field and am working on my network+ and then ccna, but i'm still fuzzy on certain things, specifically nat. It sounds like i'd be able to accomplish what I want using one to one nat, assigning one of our public IP's to each VC camera, and one to our router for regular traffic. Am I correct in assuming that? The Sonicwall has one WAN port, at first that concerned me but as I understand it, it's done internally, correct? It doesn't matter how many physical ports I have does it?

If needed, we also have a Cisco 871w sitting unused in the server room. I'd have initially gone with that, but i've forgotten much of my Cisco classes since getting out of college. I know my way around the IOS so if it can be done easier or cleaner there, toss me some commands, or point me in the right direction and I can take it from there. I suppose i'd also need to know how to get the connection to Verizon working.

Thanks!

More about : nat video conferencing

February 5, 2010 3:45:42 PM

I am not well versed on the video stuff, but I would say you need to see if getting another static external IP would do the trick. Configuring the sonicwall to direct the correct port from the two different IPs I am not sure on. Can It distinguish between the two different external IPs? What is the cost for another IP might come into play. In the long run it may be cheaper to get the gatekeeper. It would also allow you to add more rooms in the future alot easier.
m
0
l
February 5, 2010 4:32:05 PM

Well, I assume it works just like any other network attached system, connections are established using predefined ports. Going on that I assume that just directing one public IP to one private IP would allow all traffic to that internal device, and then I could set ACLs on each, denying unused ports, etc. I just want to be sure that's the case before I make a recommendation. I'd try it out first if I had an IP to spare, but I don't.

The cost for an additional 5 IP's is nominal, $20 extra on our bill a month. It would take a very long time to have the gatekeeper pay for itself. Our office is also pretty small, and we'll only be able to accommodate the 2 rooms.
m
0
l
Related resources
February 5, 2010 6:03:37 PM

for 20 bucks I would definitely see if running a second external IP would work.
m
0
l
February 1, 2012 8:12:03 PM

reasonman said:
Well, I assume it works just like any other network attached system, connections are established using predefined ports. Going on that I assume that just directing one public IP to one private IP would allow all traffic to that internal device, and then I could set ACLs on each, denying unused ports, etc. I just want to be sure that's the case before I make a recommendation. I'd try it out first if I had an IP to spare, but I don't.

The cost for an additional 5 IP's is nominal, $20 extra on our bill a month. It would take a very long time to have the gatekeeper pay for itself. Our office is also pretty small, and we'll only be able to accommodate the 2 rooms.



I am looking at the same sort of solution. I can call out from the VC units via IP, but I'm wondering if using one-to-one NAT as you've described would permit inward calling to specific VC units. Did you have any luck w/ this approach?
Thanks.
Chuck
m
0
l
!