From: New York
read the page, understood it, but I don't think that implementation is what I need. I think what I need is to be able to netmeeting to their machine and fix their problem remotely. It seems like this article is to be used for people to request a netmeeting session from a tech. Maybe I was reading it wrong?
NetMeeting uses a rather complex protocol called H.323 and not many firewalls and NAT devices support it properly. That is the real challenge!
In order to better understand your environment, please tell me more about your configuration: - are the tech people behind ISA? - are the customers behind any kind of firewall or NAT device? - who is initiating the NetMeeting session? - ...
From: New York
alright, here's the situation: I have x amount of clients, I need to be able to connect to them on an as needed basis. Pretty much we want to be able to remotely get to a person's machine to visually see what the problem is and help solve it whenever they call in. suggestions? comments? insults? stock advice? lotto numbers? thanks.
RE: Using NetMeeting and the H.323 Gatekeeper as a Help... - 21.Nov.2002 2:58:00 PM
Responding to the thread regarding using Netmeeting to resolve problems on the client machine: I intend to use netmeeting the same way, and your article came at a very good time. My network infrastructure is very similar to yours, Stefaan, so implementation has been very simple. However, making it simple for a client (ie: my customer with a problem on their computer) to connect to our website, then allow me to control their computer, is not so easy. We previously used WebEx to accomplish this, but that is a very expensive solution.
Assuming our clients are behind some sort of firewall (hardware or software, presumably NOT ISA Server), what ports must be open to allow data-only (T120 protocol) connections?
if you are only interested in the data conferencing capabilities and not in the audio and video capabilities, then you might choose the T.120 calling model. In that case NetMeeting makes only connections to TCP port 1503. No other protocols or ports are involved.
However, when using the T.120 call model, ISA can't assist you in routing the inbound T.120 connections to the proper internal workstation. This is only possible if you use the H.323 call model (h323 = true). If you disable the audio and video capabilities (av = false) and only use the data sharing capability (data = true) of NetMeeting, the communication from the calling H.323 endpoint can be served with a policy of 'allow all outbound TCP' to the called H.323 endpoint.
From: New York
99.99% of our customers are behind a firewall or nat device of some sort. be it a linksys router, another isa server, a dsl/cable router/swtich combo, or a sonicwall firewall/router they all seem to have something along those lines.
because the customers are behind a firewall or nat device, it is very likely you will NOT be able to connect to them. That problem can be solved by reversing the initiation of the connection and that's exactly the solution described in the article. Keep in mind that the role of guest and host is not bound to who initiates the connection in Netmeeting!
just to let you know I've updated the article with an extra note in section '5.1. Configure the ISA server'. It explains how to correct the Application log errors Microsoft H.323, ID 21056 and ID 21075 after applying MSKB 329251.
Read the article Using NetMeeting and the H.323 Gatekeeper as a HelpDesk tool article. Although a URL is given in the descussion group. This url does not seem available. Is there anywhere else I can get access to the source code
I've just checked all the links and they worked. Also, the link given in this topic. If you still can't access it, give you email address and I respond with the example code (http://users.skynet.be/spouseele/H323/H323-VBScripts.zip).
I was reading your article about how to use H.323 Gatekeeper as a helpdesk tool. It was really helpful to make me understand some H.323 aspects. What i want to ask you is about a kind of solution i want to implement in my case which somehow is similar with the solution you already implemented. For this i will make a little description of my environment. We have basically one central location A with 172.19.44.0/22 for intranet and 172.19.35.0/24 for extranet. Also we have some remote locations B,C,à. with the following IP realm B û 172.26.43.0/24 C - 172.26.48.0/24 The main computers from the central location A are connected in both network 172.19.44.0/22 and 172.19.35.0/24,. People from the remote locations can access the main Computers through extranet 172.19.35.0/24 side of the network. The ISA server we have is connected as well in these 2 networks with the following IP addresses(172.19.46.73 for intranet and 172.19.35.73 for extranet). People from remote locations can access the main ISA server through 172.19.35.73 NIC. We want to implement a World wide Netmeeting solution for all locations. For this we have to implement as well a kind of H.323 Gatekeeper/Gateway solution in order to allow as NAT. The problem we have is that the people from remote locations B,C should have netmeeting connections with the people from the central location A and they canÆt have a direct connection because remote locations could access only the extranet of central location. We have configured ISA server to act as H.323 Gatekeeper/Gateway and we have configured the netmeeting clients from A location to register with the Gatekeeper. At remote location we have configured the netmeeting clients to use the external interface of ISA server which belongs to the A location extranet 172.19.35.73. We are able to call from remote locations B,C using phone numbers people from central location A, but we are not able to call from central location A to remote locations B,C. - What do you think that a should implement in order to allow me have calls from both places from location A to B,C as well from B,C to A ? - Do you think that is enough one ISA server for this purpose or should a implement ISA servers as well in the remote locations B,C. - How should i implement the routing rules and what kind of routing rules i should use(phone rules, ip rules, e-mail rules) - How can allow audio/video for people that are calling from A to B,C as well for people that are calling from B,C to A Regards, Costi
if I understand your configuration correctly, the Extranet and the location B&C are external to ISA server. So, B&C uses the external interface of ISA server as a H.323 Gateway. As a consequence you can only use phone numbers to make a call from B&C to A (Intranet). If you have enabled all options in the H.323 Application filter, then Audio/Video should be available when calling from B&C to A, at least if no NAPT (Network Address & Port translation) is done between B&C and A (the Extranet) otherwise the Audio/Video part will not work.
I have not much tested other scenario's because it wasn't within the scope of the project. However, I believe it is possible to call from A (Intranet) clients in B&C if they have a static IP address and no NAPT is done along the route. Check out the articles mentioned in "section 4.2. ISA Server" of my article for full details.
If I recall it well, the simplest and most flexible configuration is to use on each location an ISA server with a Gatekeeper/Gateway. Each host should register then with his local Gatekeeper and with the help of the Call Routing rules it is very easy to 'redirect' the requests to the proper Gateway. I've tested that once and it worked very well with Phone Routing rules, based on a prefix number.
Hello Stefaan, Thanks for your reply. One more think that is not clear to me is if we have a configuration with one ISA server acting as Gatekeeper/Gateway which is located in location A, how people from others locations that are external to ISA can call each other, something like how B can call C and viceversa. I want to mention that these people can not talk each other directly, they can talk with central location A and also they are using gateway in order to be able to call A location. Regards, Costi