If you are not using NAT, then just open up the high ports (> 1024) between the h.323 devices. You
maybe able to lock the port range down if supported by the h.323 devices, but m0n0wall doesn't
dynamically track h.323 connections.
If you are using NAT then things are less easy. h.323 embeds IP addresses and ports into the data
stream so unless the devices are NAT aware they may not work properly.
Not many firewalls that claim to support h.323 actually handle all the possible features. As a
protocol, h.323 is a very non-firewall friendly protocol (and SIP isn't much better).
----- Original Message -----
From: Marc R. Meshurle Jr.
To: m0n0wall at lists dot m0n0 dot ch
Sent: Friday, March 10, 2006 11:02 PM
Subject: [m0n0wall] h.323
Has anyone used the m0n0wall for h.323 voice applications? I'm in the process of setting up a
large VoIP network and would like to keep the m0n0 in place as the firewall.
Marc R. Meshurle, Jr.
Kato Technology Solutions, Inc.
Exton, PA. 19341
PRIVILEGE AND CONFIDENTIALITY NOTICE
The information contained in this electronic mail message is proprietary and confidential under
applicable law, and is intended only for the use of the individual or entity named above. If the
recipient of this message is not the above-mentioned recipient, you are hereby notified that any
dissemination, copy or disclosure of this communication is prohibited. If you have received this
communication in error, please immediately purge it without making any copy or distribution.