These are a few things you can do 1-Polycom support NAT, there is an option in your POlycom..
To enable firewall traversal on a V Series system: a. Go to System > Admin Settings > Network > IP > Firewall > Next. b. Select Enable H.460 Firewall Traversal. 2-create a new protocol for H323 with service none(this way smartdefense checkpoint will not check inside this protocol) Your rules should allow V Series systems to open at least the following inbound/outbound TCP and UDP ports: 1720 (TCP), 14085-15084 (TCP) and 1719(UDP), 16386-25386 (UDP). I`ve copied this link from polycom http://knowledgebase.polycom.com/kb/search.do?cmd=displayKC&docType=kc&e xternalId=EndUser-Guides-Video-Vseries8-5-3ConfiguringSystemwithFirewall NATpdf&sliceId=pdfPage_3&dialogID=816048&stateId=0%200%20802959 3-it all of this doesn't work, putting your Polycom inside a DMZ would be great...`cause depending of your polycom model, NAT could be a headache. Ps. VideoQuality over internet sometimes is poor even with hudge bandwidth...because hops and latency over internet. -----Mensaje original----- De: Mailing list for discussion of Firewall-1 [mailto:[email protected] HECKPOINT.COM] En nombre de r locus Enviado el: Jueves, 26 de Febrero de 2009 12:43 p.m. Para: [email protected] Asunto: [FW-1] FW1 and Polycoms Video quality? I am running Windows 2003 spk2 and R65 HFA03. On the internal network we have 11 Polycoms that sometimes need to connect through FW1 to public Polycoms and bridges. Right now I am just allowing H323 traffic and it seems to work, but the video also seems to drop out a lot. We have a lot of bandwidth to support the video it just seems like it is FW1 and NAT. If I use static NATs to internal addresses could this help? Do I have to to use a dedicated bridge/FW to allow this consistent quality video from internal to external? Any help would be great. Thank you, rlocus Scanned by Check Point Total Security Gateway. Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
