• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Open Port udp 5082 failure

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 General] >> H.323 Gatekeeper >> Open Port udp 5082 failure Page: [1]
Login
Message << Older Topic   Newer Topic >>
Open Port udp 5082 failure - 4.Jun.2003 7:38:00 AM   
smarisetty

 

Posts: 36
Joined: 11.Jun.2001
From: Santa Clara, CA, USA
Status: offline
Hi Tom,

I tried to open the UDP 5082 through a procotol definition and protocol rule. Checking the ISA logs, I still see that this port is being blocked for incoming packets.

Any ideas where and what to look for.

thanks
sm
Post #: 1
RE: Open Port udp 5082 failure - 4.Jun.2003 7:58:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi smarisetty,

how does your protocol definition looks like? It should be something like "UDP port 5082 send receive" for outbound access.

HTH,
Stefaan

(in reply to smarisetty)
Post #: 2
RE: Open Port udp 5082 failure - 5.Jun.2003 5:20:00 AM   
smarisetty

 

Posts: 36
Joined: 11.Jun.2001
From: Santa Clara, CA, USA
Status: offline
I have added the rules send-receive and receive-send. I also tried send and receive. when all four a present, I see the same problem. Not able to figure out why it is being blocked.

sm

(in reply to smarisetty)
Post #: 3
RE: Open Port udp 5082 failure - 5.Jun.2003 5:27:00 AM   
smarisetty

 

Posts: 36
Joined: 11.Jun.2001
From: Santa Clara, CA, USA
Status: offline
Let me clarify one more point, the UDP port for incoming accesses are being blocked. I have not seen blocks on any outgoing.

This is how the logs message looks like:
192.246.69.247 63.198.196.228 Udp 5082 11836 BLOCKED 63.198.196.228

sm

(in reply to smarisetty)
Post #: 4
RE: Open Port udp 5082 failure - 5.Jun.2003 8:57:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi smarisetty,

the direction receive/send or receive won't help you because they are intended for inbound access (server publishing rules). So, you need to use send/receive or send (unidirectional).

What is the Firewall log telling you? Don't forget to enable the logging of *all* fields in ISA server. In the ISA helpfile there is a section called Firewall and Web Proxy log fields, a must read. Additional information can be found in the article http://support.microsoft.com/default.aspx?scid=kb;en-us;Q284818 .

Have you already restarted the Firewall service on ISA server? Also, is there a relative long time between the send and receive packet?

HTH,
Stefaan

(in reply to smarisetty)
Post #: 5
RE: Open Port udp 5082 failure - 5.Jun.2003 10:46:00 PM   
smarisetty

 

Posts: 36
Joined: 11.Jun.2001
From: Santa Clara, CA, USA
Status: offline
The UDP packets that I see dropped are in-bound from the external IP. I tried the server publishing rule as well.

The firewall log pretty much says that the UDP from an external source Ip is being blocked with the internal source ip of my ISA server.

I did re-start the server after each change. The application that I am try to make work is the sjphone-SIP mode from SJlabs.com. It can be downloaded by anyone for tying out.

When I do a netstat -na, I do see the UDP port bind to the ISA IP, but don't see that this port has LISTENING status.

sm
sm

(in reply to smarisetty)
Post #: 6
RE: Open Port udp 5082 failure - 7.Jun.2003 12:19:00 AM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi sm,

hmm... it looks like you are trying to define a protocol rule for a complex protocol. Have you already tried to use the H.323 application filter and Gatekeeper, because the product seems to support that? If that does not work, create an open protocol (all IP traffic) and open site&content rule (all destinations, all content) and make sure the Firewall client is installed.

HTH,
Stefaan

(in reply to smarisetty)
Post #: 7
RE: Open Port udp 5082 failure - 8.Jun.2003 7:49:00 AM   
smarisetty

 

Posts: 36
Joined: 11.Jun.2001
From: Santa Clara, CA, USA
Status: offline
Stefaan,

I am trying to get the VOIP work with sjphone from sjlabs.com and a service provided by fwdnet.net.

Not sure what is going on. Tried everyting for days and can't seem to explain what is going on. The VOIP applet works partially.

sm

(in reply to smarisetty)
Post #: 8
RE: Open Port udp 5082 failure - 8.Jun.2003 11:29:00 AM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi sm,

I have no experience with that product are service, but did you try the H.323 configuration?

Also, in order to get some understanding of how the used protocols are working, install Ethereal on the workstation, place the workstation outside of ISA and capture a session.

Next, make sure the Firewall client is installed on the workstation and you have an open protocol and site&content on the ISA server. Maybe a fresh install of ISA server is recommended too. Verifiy also you have enabled the logging of all fields in ISA server. Now, with the workstation behind ISA, capture again a session. The analysis of both the Ethereal traces and the ISA logs should give you some clue why it is not working.

HTH,
Stefaan

(in reply to smarisetty)
Post #: 9
RE: Open Port udp 5082 failure - 12.Jun.2003 7:57:00 AM   
sysadmin

 

Posts: 89
Joined: 21.Oct.2002
From: India
Status: offline
Hi! Sim,
I too had problems setting up Infogate VoIP behind ISA.
I tried other way.
I installed a machine outside ISA, and installed Tiny Personal Firewall on it. Then went configuring the VoIP. Tiny Personal firewall gives out all the things in real time related to any outbound or inbound access with detailed IP address and ports being used to connect.
Using this logs I created appropriate protocol rules and filters and VoIP was working ok.

hope you can apply the same methodology.

Thanks
Sysadmin

(in reply to smarisetty)
Post #: 10
RE: Open Port udp 5082 failure - 12.Jun.2003 8:08:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi Sysadmin,

he has it already working with the Firewall client but he wants to use the SecureNAT client! [Big Grin]

Your methodology has the same goal: determining how the protocol is working and then create the necessary protocol definitions and rules.

BTW --- did you try to use the H.323 features for the VOIP client?

Thanks,
Stefaan

(in reply to smarisetty)
Post #: 11

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 General] >> H.323 Gatekeeper >> Open Port udp 5082 failure Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts