Cisco Firewall :: ASA 5510 - Connect From Outside To Conference On MCU / No Video Received
Dec 27, 2011
There are two Polycom devices behind ASA (Terminal HDX7000 and MCU RMX1000), ASA is connected to Cisco 1900 router which is connected to ISP.
Polycom devices are NATed (unique global address per device) on router and h323 inspection is done on ASA. The issue is that when trying to connect from outside to conference on MCU I don't receive any video (but MCU shows me like a connected participant). The same is true when MCU try to call outside terminals, they are shown as connected participants, but there is just a black screen. On ASA all ports are opened (both in and out) and there are no ACLs on router. And what means NAT configuration on Polycom devices, why it is needed when NATing is done on router (such configuration option I've seen also on Tandberg and another vendor's devices)?
View 5 Replies
ADVERTISEMENT
Oct 19, 2010
my client wants to make videoconference call thorugh Microsoft Office Communicator, this should be operating between host from one site to another one, but we already configured some rules in the firewalls, and making some test I see that the videoconference use dynamic ports (1024 to 65535) and if we let to operate the videoconference we should remove all the rules in the firewall and that's not the point.
View 6 Replies
View Related
Jan 17, 2012
Site A Cisco 2911 -- 2 T1 WIC. One going to Site B 1841 another going to Site C 1841.I am looking for a way to setup a Polycom QOS, judging by several forum posts about this, would it be better to create an access list with the Polycom IPs to limit the bandwidth to 512Kbps? Or if not, a link for Polycom QOS configs? What is happening is when noone else is using the connection except for the video conference, after about an hour with the T1 not being 100 % utilized, the 2911 GE0/0 interface will start developing input queue errors. What I usually have to do is reboot the router at night and that alleviates the problem since regular data traffic will not cause this problem.
Current configuration : 3529 bytes
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec localtime show-timezone year
service password-encryption
[Code] .....
View 1 Replies
View Related
Apr 24, 2013
I Can't see the far video when run the video conference. the audio is working fine.How to config the port forwarding for video conference?
View 1 Replies
View Related
Mar 21, 2012
I have connected CeeLab C300 video confernce system to our lan connectet to linksys wag200g. I have forwarded all the ports listed in manual to work without public ip. The problem is that system connect with our branch in other city, sound is great but i have no video on our tv. The other side has an audio and video but using public ip. Is a wag200g compliant to work with videoconferencing system? Support of the Ceelab ask me that Linksys is capable to NAT the H323 codec for audio & video/
View 1 Replies
View Related
Feb 20, 2012
I have configured cisco 1751 router for internet with nating. Internet browsing working fine. But We have polycom hdx 6000 conference system to connect from remote site.
1. While calling remote ip it is ringing and connecting but not displaying any thing on the screen but their side is displaying.
2. When they call our side ip it cannot connecting.
I have connected netgear router then video conference is working fine (with out port forwarding also). If I configured that router between 2 local sites (not on internet line) its working fine where i did not configured any thing just given routing. Configure same situation using internet leased line.
View 1 Replies
View Related
Mar 13, 2012
I have a setup using an ASA 5510 8.2(2). In the DMZ (192.168.12.x) there is a server, switch and multiple cameras for surveillance of the site. In the Inside (140.152.25.x) are the pcs that can run the client software to view the video feed, or it can pull from the server in the DMZ.
On the server in the DMZ, you can see the feed, along with any pc you connect to that network. On any machine on the Inside, or through VPN, you cannot either with the client software or pulling from the surveillance server.
I am watching the connection through ASDM and don’t see any particular port being blocked, but I do see TCP connections being terminated by inspection. So far I’ve taken out inspections for http and rstp. I don’t really see anything else that would drop video. I've attached the error I keep seeing.
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
[Code].....
View 7 Replies
View Related
May 4, 2011
I am using ASA 5510 and I have a specific problem with Http Connection to receive a video Flow ( RSTP protocol ) in the LAN. Some Pc users (192.168.1.133,in the log) with ASA Lan Interface as gateway can ping the Camera but don't receveive the video flow.Some Pc users (192.168.1.116,in the log) using another gateway can ping and receive the video flow. I used Whireshark to capture traffic between camera and Pc using the 2 gateway. I joined Logs with this message.It seems to be a problem of TCP segments on the ASA, I try to changed some TCP options but it's still the same:- Disable Force Maximum Segment Size- Enable Force TCP Connection to Linger in TIME_WAIT State for at Least 15 Second.
View 7 Replies
View Related
Nov 7, 2011
We have just acquired a cisco profile 42 video conferencing equipment and am required to open ports for SIP and H232, any pointers on hw that can be acquired i have a cisco ASA 5510, Some one told me to open port 16384 but i need pointers on how to do it becuase I already set an access list to any.
the config
Internet -> ASA 5510 -> Switch -> Profile 42 and other devices
View 5 Replies
View Related
Apr 9, 2012
I have a customer with a Cisco ASA 5510 firewall, an inside network containing a Genetec video recording server, and cameras installed on broadband modems throughout the area (each with a public IP). They've recently purchased Axis Q6034-E cameras that use H.264 to stream back to the video recording server. The camera has a view mode where you can watch it through H.264 or Motion JPEG. The view with M-JPEG works, but when I switch to H.264 the video stream is denied. We have allowed RTSP, RTP, and HTTP (it's setup with only http, not 443)traffic from the camera address on the cable company public network but are still being denied the video stream. The recording software requires that the feed come from the H.264 feed, so the motion jpeg does not fix the underlying issue of being able to record.
We know it's the firewall because if we install the camera on the inside network, the video feed in H.264 works to the recorder.
How to enable something special on the firewall to allow traffic through from the device?
View 1 Replies
View Related
Mar 7, 2013
Trying to set-up a priority queue for Voice and Video traffic, below is the current ASA config. The WAN link is 6mb, trying to limit the Internet traffic to 4mb and save 2mb for the PQ, config belowTraffic just isn't hitting the PQ
priority-queue outside
queue-limit 512
tx-ring-limit 200
!
class-map Video
description Video
match dscp af31
[code]....
View 6 Replies
View Related
May 21, 2013
I have an ASA 5510 in a live environment. Up til a short while ago I could access this via the ASDM and ssh. However I can no longer connect to it via eithier. When I access It via SSH I get a disclaimer saying the following
*** You have entered a restricted zone! Authorized access only!!! Disconnect immediately if you are not authorized user! ***
It then cuts me off.
When I try to access the ASDM I get the following
The firewall is running all its services without a problem and I can ping the device without any issues. Also none of the config (to my knpowledge has been changed). I set up a console session and http server enable is still there with
http 192.168.200.0 255.255.255.0 inside
View 4 Replies
View Related
Feb 15, 2012
i can no longer connect to the internet and i have tried everything i could think of. my "wireless network connection status says 0 packets sent and 0 recieved,but im connected to my router with excellent signal. when i got this laptop it had alot of malware, i removed 283entries with malwarebytes in safemode. after i did that i couldnt connect to the internet.
View 1 Replies
View Related
Jan 31, 2012
We have a new router (D Link) at offices which is fixed with LAN wall points on different places , we want to use it .I connected computers to the LAN points with regular lan cables , it gives me the alert (connected) but no bytes received .I tried to ipconfig an here's what i got :Windows IP ConfigurationEthernet adapter Local Area Connection 2[CODE]
View 1 Replies
View Related
Jul 5, 2012
I have a ASA5540 firewall set-up with an interface MTU of 1500.
I suspect that we are receiving packets with a larger MTU but have not found an easy way of confirming this. Any command that can be run on the firewall to display the MTU packet size being received on an interface?
We are also running Solar Winds so could query an OID if such a variable exists.
View 1 Replies
View Related
Jun 6, 2012
I have a Linksys wireless router model WRT54G (not sure the exact model, it's not in front of me right now). It has worked flawlessly for the past several years, but for some reason has recently stopped working. I confirmed it's not a problem with the DSL Modem, as I can hard wire connect to my laptop and the internet works fine. It's clear something is wrong with the wireless router. I've tried unplugging, hitting the reset button on the back, and nothing has worked. My computer is able to recognize/locate the router and connect, it's just that I can't connect to the internet. One thing I've noticed under the wireless connection is that the computer is able to "send" packets, but not "receive." My experience is that this is always the case when I experience connection problems, but I have no idea what that means. I was going to call the Help Line, but I see it costs $30 which is likely more than my router is worth and probably 1/2 to 1/3 the cost of a new one so I am trying to troubleshoot myself.
View 8 Replies
View Related
Apr 24, 2012
I am transitioning from a Microsoft ISA server to a Cisco ASA 5510. So far so good, until it comes to getting AAA functioning properly. I have a Microsoft IAS server that is functioning properly, however when I try to test it through the ASA's ASDM it errors out. When I run a packet trace it shows it's being blocked by the dreaded implicit ACL. The funny thing is that I can ping and traceroute to the IAS server from the ASA. I found numerous config examples for AAA using IAS, but still not working.
Could it possibly be behaving this way because my ASA and my IAS server are on two different internal netowrks? (172.31.1.x-ASA, 10.1.1.x-IAS)
View 1 Replies
View Related
Apr 27, 2011
Searched through conference and still have no resolution.Switch: Cisco SGE 2000..Layer3 mode enabled through console. [code]
View 3 Replies
View Related
Oct 1, 2012
I was able to connect to my ASA 5510 with a browser, install ASDM, and configure my ASA 5510 with my Windows 7 laptop. Since I needed the laptop for another task, I am now trying to connect using a Linux laptop to do the same, but without success.
I can ssh into the firewall using the management port (192.168.1.1) from the Linux command line. However, I cannot connect using a browswer (192.168.1.1) to install ASDM.
View 2 Replies
View Related
Mar 23, 2013
A bit of a straight forward question, is it possible to connect a 5505 to a 5510 direct via a crossover or do you need a switch inbetween capable of trunking?
View 1 Replies
View Related
Jun 26, 2012
I was trying to add an Access Rule then Nat rule, they applied ok then i lost connection to my ASA 5510.I cant ping device ip, i cant connect via console , only can acess via Management port, i have pasted Running config. [code]
View 4 Replies
View Related
Sep 11, 2012
I hava ASA5510. INSIDE,DMZ and OUTSIDE interfaces are configured. I hava web server on DMZ ip:10.0.0.1 and it is static natted to 1.1.1.1. From internet i can reach to web server with IP:1.1.1.1 and from INSIDE connect to web server with IP:10.0.0.1. Now i want to connect from INSIDE to WEB server via public IP(1.1.1.1).how can configure it?
View 2 Replies
View Related
May 12, 2012
I have an ASA 5510 configured 3 interface Internet_AAPT, Internal_Network and Server_Network. The server network works fine as is able to connect to the internet and services like port 80 work from the internet in. But from the Internal_Network can only get to the server network but not internet (6May 13 201214:17:4030201310.153.111.21253663199.47.216.14880Built outbound TCP connection 42508 for Internet_AAPT:199.47.216.148/80 (199.47.216.148/80) to Server_Network:10.153.111.212/53663 (10.153.111.212/53663). The weird thing in logs i see a connection being made but for some reason its referring to the Server_Network interface? below is my current config...
ASA Version 8.2(5)
!
hostname ASA01
domain-name names
name 10.153.11.184 QNAP
name 10.153.11.192 exc2010
name 10.153.11.133 zeacom
[code]....
View 10 Replies
View Related
Dec 4, 2011
I have an ASA 5510 which i've configured for internet access.I can connect to the internet from the ASA box,I can ping public networks from the console of the ASA box,but cannot access public hosts from internal hosts connecting via the ASA box.Find my config below to know what i ahave omitted or committed.
[code]...
View 5 Replies
View Related
Jul 20, 2011
I have this problem with the Polycom Video Conferencing (HDX 7000) While we can initiate a video call to other locations, we can not receive a video call from other locations. Whenever there is a incoming call, the polycom is ringing fine. but once we answer the call, the call will be disconnected. Our access rules are listed below, 203.125.99.99 is our public IP for example.
View 1 Replies
View Related
Dec 26, 2010
Running FWSM Firewall Version 3.1(4)
The problem is that calls originating from the outside of the firewall to the inside will ring but you cannot answer. The internal video conference server is a Polycom HDX 7000. There are ANY/ANY rules to/from this server and the default application inspection policy is set for h323/ras/h225 as follows:
[code]...
View 2 Replies
View Related
Nov 1, 2011
I am current trying to configure the network settings on a standalone DVR.I have been doing trial and error all day long to get a 'SUCCESS' on a 'check' while entering the DDNS SVC information.After figuring out that the IP Configuration & Allocation of the Network in the router was messed up, I finally got the DDNS SVC to give me a 'SUCCESS' reading. Thus, enabling me to remotely access the digital video recorder via a Internet Browser.Here's the catch ;I am only able to access the DVR from the PC that has the configuration of the network. (example 10.0.0.1)and the settings on the DVR have been set to :IP : 10.0.0.5ubnet Mask :255.255.255.0Gateway : 10.0.0.1DNS : 10.0.0.1Port of device is set to 20410.So entering http://10.0.0.5:20410 directs me to the webclient that enables me to remotely access the device
View 10 Replies
View Related
Dec 22, 2012
I am attempting to connect a video streaming device to my wireless network and it will not accept what I think is the password
View 1 Replies
View Related
Nov 26, 2012
i have Huawei 8066 video conference Terminal, and i want to have a video conference point to point using the internet, so how to set the connection ?
View 3 Replies
View Related
Feb 1, 2012
I have CISCO DPC3825 router and theres about 3 computers and 2 wireless devices using internet through it. When i connect to a online video game I get these mini-disconnects. It happens periodically and frequently I'm not sure what is causing it.
View 1 Replies
View Related
Nov 30, 2011
Purchased the E1500, updated the firmware and have excellent wireless connectivity. The problem occurs when I connect for a video chat the internet disconnects and then reconnects.
View 2 Replies
View Related
Feb 26, 2013
I have some problem with the ASA 5510 ver 7.0(6). My manager wants to keep this as backup. tried lots of things but still users not able to access internet nor can i ping anywhere.For example when i ping 4.2.2.2 i dont get any reply.The runing config is below for ur ref :
HQ-ASA-01# show running-config
: Saved
:
[Code]......
View 9 Replies
View Related
Feb 5, 2012
I need to create a firewalled segment that not only separates hosts from general population, but also from each other. The solitary confinement of firewalled segments.I know that I could create a bunch of sub-interfaces, one for each host or group that needs to be isolated, but I'd really rather not have to do that if possible. 1) It could become a management nightmare between ACLs and sub-interfaces and 2) it's a waste of IP addresses.s there any way that I can create a bunch of separate VLANs behind the firewall and have them all terminate at the firewall, using a single firewall IP address for the gateway?
VLAN 1 - hosts 1.1.1.5 and 1.1.1.6VLAN 2 - hosts 1.1.1.7
Firewall DMZ Interface - 1.1.1.1VLAN 3 - hosts 1.1.1.8 and 1.1.1.9
This way, the hosts are isolated and can't talk to each other unless they're on the same VLAN.I'm working with an ASA 5510 running 8.2.4(4).
View 1 Replies
View Related
