From owner-freebsd-questions  Mon Mar  6 14: 7:46 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from relay.ultimanet.com (relay.ultimanet.com [205.179.129.1])
	by hub.freebsd.org (Postfix) with ESMTP id 2D4C837BB55
	for <freebsd-questions@freebsd.org>; Mon,  6 Mar 2000 14:07:38 -0800 (PST)
	(envelope-from randy@Cloudfactory.ORG)
Received: from Cloudfactory.ORG (cloudfactory.org [205.179.129.18])
	by relay.ultimanet.com (8.9.3/8.9.3) with ESMTP id OAA19618;
	Mon, 6 Mar 2000 14:17:12 -0800
Message-Id: <200003062217.OAA19618@relay.ultimanet.com>
To: Bhishan Hemrajani <bhishan@cytosine.dhs.org>
Cc: freebsd-questions@freebsd.org
Subject: Re: NetMeeting or H.323 with ipfw & natd 
In-Reply-To: Your message of "Fri, 03 Mar 2000 22:51:30 PST."
             <200003040651.WAA00659@cytosine.dhs.org> 
Date: Mon, 06 Mar 2000 14:08:14 -0800
From: Randy Primeaux <randy@Cloudfactory.ORG>
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I said:
> > Is it possible to configure natd to support H.323 videoconferencing
> > gateway for NetMeeting or cu-seeme?
> > Should I consider MBONE tools?

Issue: I can transmit MS NetMeeting video/audio through ipfw/natd but
not receive.

Bhishan Hemrajani writes:
> Find out the port that netmeeting uses, and redirect it
> with natd.

Bhishan,
I currently run `/sbin/natd -interface ed0 -n ed0`.

Are you suggesting?:
/sbin/natd -interface ed0 -n ed0 -redirect_port tcp 192.168.144.4:1503 1503 -redirect_port tcp 192.168.144.4:1720 1720 -redirect_port tcp 192.168.144.4:1731 1731

(I think the LDAP on 389 passes through OK.  maybe.)

Please be more specific.  What tools could I use to figure this out?
I've noticed that the NetMeeting Software on Win98 picks up it's
nat'ed private address (192.168.144.4 /24).  I don't know for fact,
but I suspect Z-end client tries to route back to this address, not my
public interface.  (Using iVisit instead of NetMeeting resolved this
issue).  Is it possible the source private-address is encapsulated
within the outgoing packet, or reported to the LDAP Internet Locator
Service directory?

I show the folowing in my /etc/services table:
ldap            389/tcp    #Lightweight Directory Access Protocol
ldap            389/udp    #Lightweight Directory Access Protocol
ulp             522/tcp
ulp             522/udp
imtc-mcs        1503/tcp    #Databeam
imtc-mcs        1503/udp    #Databeam


According to 
http://www.microsoft.com/windows/NetMeeting/Corp/reskit/Chapter4/default.asp:

MS NetMeeting uses 
Port          Function				Outbound Connection
389           Internet Locator Service (ILS)    TCP
522           User Location Service		TCP
1503          T.120				TCP
1720          H.323 call setup			TCP
1731          Audio call control		TCP
Dynamic       H.323 call control		TCP
Dynamic       H.323 streaming			Real-Time Transfer Protocol (RTP) over UDP

If you use a firewall to connect to the Internet, it must be
configured so that the IP ports are not blocked.

To establish outbound NetMeeting connections through a firewall, the
firewall must be configured to do the following:

* Pass through primary TCP connections on ports 389, 522, 1503, 1720,
  and 1731.
* Pass through secondary TCP and UDP connections on
  dynamically assigned ports (1024-65535). 

The H.323 call setup protocol dynamically negotiates a TCP port for
use by the H.323 call control protocol.  Also, both the audio call
control protocol and the H.323 call setup protocol dynamically
negotiate UDP ports for use by the H.323 streaming protocol, called
the Real-Time Transfer Protocol (RTP). In NetMeeting, two UDP ports
are determined on each side of the firewall for audio and video
streaming, for a total of four ports for inbound and outbound audio
and video. These dynamically negotiated ports are selected arbitrarily
from all ports that can be assigned dynamically. 

NetMeeting directory services require port 389. Microsoft Internet
Locator Service (ILS) servers, which support the Lightweight Directory
Access Protocol (LDAP) for NetMeeting, also require port 389.

Bhishan Hemrajani writes:
> Find out the port that netmeeting uses, and redirect it
> with natd.
> 
> --bhishan
> 
> > Is it possible to configure natd to support H.323 videoconferencing
> > gateway for NetMeeting or cu-seeme?
> > 
> > Should I consider MBONE tools?
> > --
> > Randy Primeaux
> > randy@cloudfactory.org		http://cloudfactory.org/~randy
> > 
> > 
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-questions" in the body of the message
> > 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
> 

--
Randy Primeaux
randy@cloudfactory.org         http://cloudfactory.org/~randy/
tranze@hyperreal.org		http://hyperreal.org/~tranze/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message