Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Definative Solution for Polycom communication
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Definative Solution for Polycom communication - 8.May2007 6:50:31 PM
|
|
|
BlakeD
Posts: 21
Joined: 8.Mar.2004
From: Okmulgee, OK
Status: offline
|
I am planning for a shortly-upcoming project, and thought I would hit this site for my usual doseage of help. I've done a LOT of searching on the forums, and seen my question asked many times, but I have yet to see an answer.
So, for anyone with the expertise with ISA, or who has faced this and gotten it working:
What is the definative solution for placing a Polycom (VSX 7000 in my case) behind an ISA server and making and recieving "calls" to other external Polycoms?
I.e:
Foreign Polycom --> Internet --> Router --> ISA Server --> Internal Lan w/ My Polycom
My Polycom will be a SecureNat client. I am using ISA 2004 Std. Ed, and it is a member of my domain.
|
|
|
|
RE: Definative Solution for Polycom communication - 15.May2007 12:17:05 AM
|
|
|
BlakeD
Posts: 21
Joined: 8.Mar.2004
From: Okmulgee, OK
Status: offline
|
*Bump*
No one has an answer?
|
|
|
|
|
RE: Definative Solution for Polycom communication - 16.May2007 10:26:34 AM
|
|
|
tshinder
Posts: 46637
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Blake,
No answer. I'm waiting too.
Tom
_____________________________
Thomas W Shinder, M.D.
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
MVP -- ISA Firewalls
|
|
|
|
|
RE: Definative Solution for Polycom communication - 19.May2007 2:51:09 PM
|
|
|
tshinder
Posts: 46637
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Blake,
The problem is that I don't know what protocols the Polycom uses. There is a vast array of "VoIP" protocols that all work a bit differently, so it's almost impossible for me to figure this out without actually ever seeing one of these devices.
I know that a lot of people ask the same question, it's just that I've never seen any answers.
My only suggestion is to create an all open outbound rule for the IP address of the polycom device and then see if you can figure out what inbound connections are required and create Server Publishing Rules for those protocols.
Tom
_____________________________
Thomas W Shinder, M.D.
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
MVP -- ISA Firewalls
|
|
|
|
|
RE: Definative Solution for Polycom communication - 21.May2007 12:18:03 PM
|
|
|
Rotorblade
Posts: 761
Joined: 27.Feb.2007
Status: offline
|
Have you talked with Polycom support? ( Polycomm uses the Gatekeeper services) We are looking at deploying and when I mentioned that we use ISA in our firewall design; they just kind of looked at me and snickered. My understanding they have their own gateway security device.
RB
|
|
|
|
|
RE: Definative Solution for Polycom communication - 21.May2007 3:16:53 PM
|
|
|
Ashokk001
Posts: 232
Joined: 6.Oct.2005
Status: offline
|
Blake,
We got a polycom vsx7000 unit configured as a secureNAT device on the internal LAN. We have got it working by using the fixed ip setup and then setting up the relevant server publishing rule for inbound rules.
I'll post the rule in couple of days time since i'm not back in the office till Wednesday. It is a pain because we tried all sorts of things to make this secure as possible but just couldn't figure our which ports were require for outbound so we ended up creating an all open outbound rule for the polycom unit's IP just as Tom has mentioned. I will let you know of our rules soon.
Ash.
< Message edited by Ashokk001 -- 21.May2007 3:24:11 PM >
|
|
|
|
|
RE: Definative Solution for Polycom communication - 22.May2007 8:45:33 AM
|
|
|
tshinder
Posts: 46637
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Ash,
That would be great! Looking forward to seeing what Server Publishing Rules you created.
Thanks!
Tom
_____________________________
Thomas W Shinder, M.D.
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
MVP -- ISA Firewalls
|
|
|
|
|
RE: Definative Solution for Polycom communication - 23.May2007 3:31:59 AM
|
|
|
Ashokk001
Posts: 232
Joined: 6.Oct.2005
Status: offline
|
Hi Tom, Blake,
The rules that we have configured is as follows:
Type: Server Publishing rule.
The polycom unit has a static ip assigned to it and is a secureNAT client on the internal network. Our setup is a simple one one internal network and one external network (internet).
Create a server publishring rule i.e. "Allow incomming call from External VCs" select the "Allow" action"
On the "Traffic" tab click on "New" to create a new protocol. Go through the new protocol wizard by providing the following information:
Primary Connections:
Protocol:TCP Port: 1720 Direction: Inbound
Protocol:TCP Ports(range):3230-3235 Direction: Inbound
Protocol:UDP Ports(range):3230-3235 Recieve
No secondary connections and no H323 Filter selected in the filters section.
Now select the "External" network in the "From" tab in the server publishing rule and then type in the internal IP address of the polycom unit in the "To" tab.
I've left the option "Request appear to come from original client"
Finally in the "Networks" select the external inteface and bind it to a particlar IP address if you want to.
Now looking at the rules we also have a access rule which is set up exactly like this using the same protocol settings so i'll check that and see which one is being used. I'm sure its the server publishing rule.
Just forgot to mention that we had to open an All outbound rule for it send traffic outbound to other VC kits. Just couldn't figure out which ports it uses.
HTH,
Ash.
< Message edited by Ashokk001 -- 23.May2007 3:35:15 AM >
|
|
|
|
|
RE: Definative Solution for Polycom communication - 23.May2007 11:20:07 AM
|
|
|
tshinder
Posts: 46637
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Ash,
Thanks! This is great information. I'll include it in the newsletter this momth.
Thanks!
Tom
_____________________________
Thomas W Shinder, M.D.
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
MVP -- ISA Firewalls
|
|
|
|
RE: Definative Solution for Polycom communication - 20.May2008 1:35:29 PM
|
|
|
jiuq
Posts: 2
Joined: 20.May2008
Status: offline
|
Hi everyone....
the exact procedure for using the polycom devices... is in the Microsoft KB 556039.
the url is: http://support.microsoft.com/kb/556039
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
