Definative Solution for Polycom communication

Definative Solution for Polycom communication (Full Version)

All Forums >> [ISA Server 2004 General ] >> General

Message

BlakeD -> Definative Solution for Polycom communication (8.May2007 6:50:31 PM)
I am planning for a shortly-upcoming project, and thought I would hit this site for my usual doseage of help. I've done a LOT of searching on the forums, and seen my question asked many times, but I have yet to see an answer. So, for anyone with the expertise with ISA, or who has faced this and gotten it working: What is the definative solution for placing a Polycom (VSX 7000 in my case) behind an ISA server and making and recieving "calls" to other external Polycoms? I.e: Foreign Polycom --> Internet --> Router --> ISA Server --> Internal Lan w/ My Polycom My Polycom will be a SecureNat client. I am using ISA 2004 Std. Ed, and it is a member of my domain.

BlakeD -> RE: Definative Solution for Polycom communication (15.May2007 12:17:05 AM)
Bump No one has an answer?

tshinder -> RE: Definative Solution for Polycom communication (16.May2007 10:26:34 AM)
Hi Blake, No answer. I'm waiting too. Tom

BlakeD -> RE: Definative Solution for Polycom communication (18.May2007 11:44:54 PM)
Oh gods... If you're waiting on an answer Tom, I'm know I'm frelled. [;)] Any Microsoft PSS guys lurking care to comment?

tshinder -> RE: Definative Solution for Polycom communication (19.May2007 2:51:09 PM)
Hi Blake, The problem is that I don't know what protocols the Polycom uses. There is a vast array of "VoIP" protocols that all work a bit differently, so it's almost impossible for me to figure this out without actually ever seeing one of these devices. I know that a lot of people ask the same question, it's just that I've never seen any answers. My only suggestion is to create an all open outbound rule for the IP address of the polycom device and then see if you can figure out what inbound connections are required and create Server Publishing Rules for those protocols. Tom

Rotorblade -> RE: Definative Solution for Polycom communication (21.May2007 12:18:03 PM)
Have you talked with Polycom support? ( Polycomm uses the Gatekeeper services) We are looking at deploying and when I mentioned that we use ISA in our firewall design; they just kind of looked at me and snickered. My understanding they have their own gateway security device. RB

Ashokk001 -> RE: Definative Solution for Polycom communication (21.May2007 3:16:53 PM)
Blake, We got a polycom vsx7000 unit configured as a secureNAT device on the internal LAN. We have got it working by using the fixed ip setup and then setting up the relevant server publishing rule for inbound rules. I'll post the rule in couple of days time since i'm not back in the office till Wednesday. It is a pain because we tried all sorts of things to make this secure as possible but just couldn't figure our which ports were require for outbound so we ended up creating an all open outbound rule for the polycom unit's IP just as Tom has mentioned. I will let you know of our rules soon. Ash.

tshinder -> RE: Definative Solution for Polycom communication (22.May2007 8:45:33 AM)
Hi Ash, That would be great! Looking forward to seeing what Server Publishing Rules you created. Thanks! Tom

Ashokk001 -> RE: Definative Solution for Polycom communication (23.May2007 3:31:59 AM)
Hi Tom, Blake, The rules that we have configured is as follows: Type: Server Publishing rule. The polycom unit has a static ip assigned to it and is a secureNAT client on the internal network. Our setup is a simple one one internal network and one external network (internet). Create a server publishring rule i.e. "Allow incomming call from External VCs" select the "Allow" action" On the "Traffic" tab click on "New" to create a new protocol. Go through the new protocol wizard by providing the following information: Primary Connections: Protocol:TCP Port: 1720 Direction: Inbound Protocol:TCP Ports(range):3230-3235 Direction: Inbound Protocol:UDP Ports(range):3230-3235 Recieve No secondary connections and no H323 Filter selected in the filters section. Now select the "External" network in the "From" tab in the server publishing rule and then type in the internal IP address of the polycom unit in the "To" tab. I've left the option "Request appear to come from original client" Finally in the "Networks" select the external inteface and bind it to a particlar IP address if you want to. Now looking at the rules we also have a access rule which is set up exactly like this using the same protocol settings so i'll check that and see which one is being used. I'm sure its the server publishing rule. Just forgot to mention that we had to open an All outbound rule for it send traffic outbound to other VC kits. Just couldn't figure out which ports it uses. HTH, Ash.

tshinder -> RE: Definative Solution for Polycom communication (23.May2007 11:20:07 AM)
Hi Ash, Thanks! This is great information. I'll include it in the newsletter this momth. Thanks! Tom

jiuq -> RE: Definative Solution for Polycom communication (20.May2008 1:35:29 PM)
Hi everyone.... the exact procedure for using the polycom devices... is in the Microsoft KB 556039. the url is: http://support.microsoft.com/kb/556039

tshinder -> RE: Definative Solution for Polycom communication (25.May2008 11:31:32 AM)
Thanks! Tom

Page: [1]