Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Seven H.323 devices behind 1 public IP

    NAT
    2
    4
    707
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      datorkop85 last edited by

      Is this even possible? I have cerated NAT Port Forward rules and everything works if I only have 1 videoconference unit online. If I connect additional devices = sound issues, content sharing issues and so on.

      When looking at Firewall Logs, I see that traffic is passed, but it passes traffic to the other H.323 devices too. I have created an Alias with all Cisco/Tandberg units on NAT Port Forward.

      I have configured different RTP Port Ranges on Cisco/Tandberg but no luck… I have port forwarded all the ports needed and NAT Mode is ON for all my H.323 devices.

      If I NAT 1:1 the second unit on another Virtul IP (public) - it works. But since I have 7 units, I don't have that many public IPs...

      Is it possible to have multiple H.323 devices behind 1 public IP? If yes, what am I doing wrong?

      1 Reply Last reply Reply Quote 0
      • S
        starkiller last edited by

        You need an h.323 proxy which pfsense doesn't have.

        1 Reply Last reply Reply Quote 0
        • D
          datorkop85 last edited by

          Well, I seem to have solved this issue.

          When I had one Alias containing all the Tandberg/Cisco units and allowing all the port ranges - it got messed up. I thought that the devices + pfSense would solve it on their own = port forward RTP ranges to the specific device having those RTP ports configured..

          I have now solved it like this in pfSense:
          Unit 1 = 192.168.2.10
          Port Range: 2000 - 2200
          Public IP: 94.xx.xx.xxx

          Unit 2 = 192.168.2.11
          Port Range: 2400 - 2600
          Public IP: 94.xx.xx.xxx

          And so on… It seems to work. Don't know if this will work forever but it seems OK now.

          Feedback is always welcomed :)


          1 Reply Last reply Reply Quote 0
          • S
            starkiller last edited by

            You should be good actually, i misread and didn't see where you had specified the ports on each device.
            In that case a proxy is not needed. Its when it's using dynamic port ranges that it has issues.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post