On Thu, Mar 18, 2010 at 01:05:42PM -0500, Lee Sharp wrote:
> Guy Boisvert wrote:
> >I have a hard time setting up mOnOwall to work with H.323. We use a
> >Polycom bridge in our DMZ and our users that have the Polycom client
> >software can't use it. They are on the LAN and mOnOwall does NAT. I
> >permit ports, i redirected the right one to one of our workstation, no
> >I read the H.323 is a "broken" protocol and that Cisco has a kind of
> >proxy software that runs into their Pix to fix that. Can mOnOwall be
> >configured to work or is it impossible?
> I got this Tuesday. I did not have anything to add then. I still do
> not. Perhaps more information would be helpful.
I haven't done this with m0n0wall, but H.323 is hard to pass through
firewalls. We used to pass it through a pf-based firewall (without NAT)
using gnugk (GNU gatekeeper), running on a machine inside the firewall.
With this you can define a port range just to forward to the gatekeeper