Hello Fellow Wizards!
We are just in progress of deploying a Gauntlet/Solaris
firewall at a new customer's site. They are using RFC 1918
addresses for all hosts "behind" the firewall.
Now they told us, "by the way, we want to use Netmeeting for
world wide videoconferencing".
While Gauntlet provides a "netmeeting proxy" which is
just a transparent TCP plug for a particular port, I
think I remember Netmeeting using H.323 for audio/video.
If this is indeed the case (can someone confirm?), I'm
looking for suggestions on how to relay these connections
through the firewall. H.323 is definitely not NATable, since
the IP addresses of the end systems are embedded in the
data stream. And port numbers are selected dynamically
in the same way ISDN devices pick TEIs - what a
brain damaged protocol. :-(
Are there any open source H.323 proxies? I found some
"gatekeeper" software, but according to my understanding
gatekeepers only manage call setup. The audio/video
packets are exchanged directly between the two parties
taking part in a call for delay reasons.
If there were a Netmeeting Proxy server for NT
or something similar (open source or not), we could
configure a separate DMZ with official IP addresses
and put that proxy there instead of running additional
software on the firewall.
I am aware of the security implications, but instead
of saying "no way", I'd prefer of giving the customer
the choice.
Any suggestions?
TIA,
Patrick
--
--- WEB ISS GmbH - Scheffelstr. 17a - 76135 Karlsruhe - 0721/9109-0 ---
------ Patrick M. Hausen - Technical Director - hausen_at_punkt.de -------
"Two men say, they're Jesus - one of 'em must be wrong." (Dire Straits)
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_nfr.com
http://www.nfr.com/mailman/listinfo/firewall-wizards
Received on Jul 13 2001
Intro
