Welcome to ISAserver.org

Polycom

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA 2006 Firewall] >> General >> Polycom

Page: [1]

Message

<< Older Topic Newer Topic >>

Polycom - 3.Jun.2008 11:16:22 AM

tldees

Posts: 8
Joined: 3.Jun.2008
Status: offline

We are currently trying to get our video conference equipment to work through the firewall.

We have setup a couple of polycoms on both sides of the firewall. We can get the internal polycom to connect to the outside polycom, but we're not receiving any video or audio coming from the external polycom (Just a black screen). The external polycom does receive video and audio.

The other issue is that we are not able to dial in from the outside polycom, and only get beeping like it is trying to connect to the inside polycom.

We were able to get both sides working when we used a route, but not when configured with NAT.

Our access rule is as follows:
Polycom Outbound      Allow    All Outbound Traffic     168.192.0.55 (Inside Polycom)     External

The Published Server Rules:
Polycom H.323 Inbound    Allow    H.323 Server (1720 Inbound)     External     168.192.0.55 (Inside Polycom)
Polycom Inbound UDP     Allow     Polycom Inbound UDP 3230-3253     External    168.192.0.55 (Inside Polycom)
Polycom Inbound TCP     Allow     Polycom Inbound TCP 3230-3253     External     168.192.0.55 (Inside Polycom)

All Published Server Rules are set to "Appear to come from ISA".

The Polycom configuration is with fixed ports (3230-3253). All NAT settings is disabled on the Polycom.

Inside Polycom IP address is 168.192.0.55.
The outside Polycom IP address is 172.16.99.200.
The ISA external IP address is 172.16.1.200, and the internal is 168.192.0.1.

The logs don't really help much, since it is not showing anything being denied.

Let me know if anymore information is needed.

Thanks in advanced for any help.

Post #: 1

Featured Links*

RE: Polycom - 3.Jun.2008 11:52:34 AM

paulo.oliveira

Posts: 826
Joined: 3.Jan.2008
From: Amazonas, Brazil
Status: online

Hi,

take a look at this article:

http://support.microsoft.com/?scid=kb%3Ben-us%3B556039&x=10&y=21

Regards.

(in reply to tldees)

Post #: 2

RE: Polycom - 3.Jun.2008 12:44:27 PM

tldees

Posts: 8
Joined: 3.Jun.2008
Status: offline

Thanks for you reply.

We've actually been using that article to get where we are right now. The only part that we didn't do was the line saying: "5. On the Polycom, configure the public address as manual with the appropriate external public address that will be used on the ISA Server." The only part that we've seen that references a public address on the polycom is in the firewall/NAT settings, which the article says to disable (hiding the public IP option). The inside polycom is a 7000 VSX, and the article references a 7000e VSX, so I can only assume its a difference in models.

(in reply to tldees)

Post #: 3

RE: Polycom - 3.Jun.2008 4:57:12 PM

tldees

Posts: 8
Joined: 3.Jun.2008
Status: offline

I've directly connected the outside polycom to the ISA server, and gave it an IP address of 172.16.1.205. I've taken some logs of the network activity, and posting it here in case someone sees a glaring problem.

In these logs I have not set the polycom's default gateway to point to the ISA server. I just initated a call with the outside polycom and let it run for about 30 seconds or so:

Outside Network is: 172.16.0.0
Inside Network is: 168.192.0.0

6/3/2008 12:54:55 PM 172.16.1.205 1720 H.323 Protocol Initiated Connection Polycom Outbound 168.192.0.55  Internal External - - 168.192.0.55    ISA01 -  TCP -      -    6/3/2008 5:54:55 PM 3232 0 0 0 0x0 ERROR_SUCCESS  0x0 0x0 Firewall -

6/3/2008 12:54:55 PM 172.16.1.205 3231 Polycom Outbound TCP 3230-3235 Initiated Connection Polycom Outbound 168.192.0.55  Internal External - - 168.192.0.55     6/3/2008 5:54:55 PM 3233 0 0 0 0x0 ERROR_SUCCESS  0x0 0x0 Firewall -

6/3/2008 12:54:57 PM 172.16.1.205 3234 Polycom Outbound UDP 3230-3235 Initiated Connection Polycom Outbound 168.192.0.55  Internal External - - 168.192.0.55    ISA01 -  UDP -      -    6/3/2008 5:54:57 PM 3236 0 0 0 0x0 ERROR_SUCCESS  0x0 0x0 Firewall -

6/3/2008 12:55:02 PM 172.16.1.205 3237 Unidentified IP Traffic Initiated Connection Polycom Outbound 168.192.0.55  Internal External - - 168.192.0.55    ISA01 -  UDP -      -    6/3/2008 5:55:02 PM 3235 0 0 0 0x0 ERROR_SUCCESS  0x0 0x0 Firewall -

6/3/2008 12:55:02 PM 172.16.1.205 3235 Polycom Outbound UDP 3230-3235 Initiated Connection Polycom Outbound 168.192.0.55  Internal External - - 168.192.0.55    ISA01 -  UDP -      -    6/3/2008 5:55:02 PM 3237 0 0 0 0x0 ERROR_SUCCESS  0x0 0x0 Firewall -

6/3/2008 12:55:13 PM 172.16.255.255 138 NetBios Datagram Denied Connection Default rule 172.16.1.200  Local Host External - - 172.16.1.200    ISA01 -  UDP -      -    6/3/2008 5:55:13 PM 138 0 0 0 0xc004000d FWX_E_POLICY_RULES_DENIED  0x0 0x0 Firewall -

6/3/2008 12:55:13 PM 168.192.0.255 138 NetBios Datagram Denied Connection Default rule 168.192.0.1  Internal Local Host - - 168.192.0.1    ISA01 -  UDP -      -    6/3/2008 5:55:13 PM 138 0 0 0 0xc004000d FWX_E_POLICY_RULES_DENIED  0x0 0x0 Firewall -

6/3/2008 12:55:44 PM 172.16.1.205 3236 Unidentified IP Traffic Closed Connection Polycom Outbound 168.192.0.55  Internal External - - 168.192.0.55    ISA01 -  UDP -      -    6/3/2008 5:55:44 PM 3236 146859 0 0 0x80074e20 FWX_E_GRACEFUL_SHUTDOWN  0x0 0x0 Firewall -

6/3/2008 12:55:45 PM 172.16.1.205 3235 Polycom Outbound UDP 3230-3235 Closed Connection Polycom Outbound 168.192.0.55  Internal External - - 168.192.0.55    ISA01 -  UDP -      -    6/3/2008 5:55:45 PM 3235 142000 1020 0 0x80074e20 FWX_E_GRACEFUL_SHUTDOWN  0x0 0x0 Firewall -

6/3/2008 12:55:45 PM 172.16.1.205 3237 Unidentified IP Traffic Closed Connection Polycom Outbound 168.192.0.55  Internal External - - 168.192.0.55    ISA01 -  UDP -      -    6/3/2008 5:55:45 PM 3237 142000 1040 0 0x80074e20 FWX_E_GRACEFUL_SHUTDOWN  0x0 0x0 Firewall -

6/3/2008 12:56:01 PM 172.16.1.205 3234 Polycom Outbound UDP 3230-3235 Closed Connection Polycom Outbound 168.192.0.55  Internal External - - 168.192.0.55    ISA01 -  UDP -      -    6/3/2008 5:56:01 PM 3236 64000 1179 0 0x80074e20 FWX_E_GRACEFUL_SHUTDOWN  0x0 0x0 Firewall -

6/3/2008 12:56:59 PM 172.16.1.205 3231 Polycom Outbound TCP 3230-3235 Closed Connection Polycom Outbound 168.192.0.55  Internal External - - 168.192.0.55    ISA01 -  TCP -      -    6/3/2008 5:56:59 PM 3233 124000 2597 1878 0x80074e20 FWX_E_GRACEFUL_SHUTDOWN  0x0 0x0 Firewall -

6/3/2008 12:56:59 PM 172.16.1.205 1720 H.323 Protocol Closed Connection Polycom Outbound 168.192.0.55  Internal External - - 168.192.0.55    ISA01 -  TCP -      -    6/3/2008 5:56:59 PM 3232 124000 614 453 0x80074e20 FWX_E_GRACEFUL_SHUTDOWN  0x0 0x0 Firewall -

I get the same results if I set the gateway to the ISA server, but with extra traffic like DNS. The only difference is that we recieve a lot of the following entries:

6/3/2008 1:00:44 PM 168.192.0.55 3230 Polycom Outbound UDP 3230-3235 Denied Connection  172.16.1.205  External Internal - - 172.16.1.205    ISA01 -  UDP -      -    6/3/2008 6:00:44 PM 3230 0 0 0 0xc0040012 FWX_E_NETWORK_RULES_DENIED  0x0 0x0 Firewall -

< Message edited by tldees -- 3.Jun.2008 5:07:54 PM >

(in reply to tldees)

Post #: 4

RE: Polycom - 4.Jun.2008 11:53:45 AM

tldees

Posts: 8
Joined: 3.Jun.2008
Status: offline

We've switched the inside polycom (7000 VSX) with and older polycom (Viewstation FX) and got it working. So now the issue is trying to get the 7000 series polycom to work with the ISA server. Anyone have a solution?

(in reply to tldees)

Post #: 5