Hello,
First off it's been great to find a project like this, am hoping this will
assist us in enhancing our video connectivity.
While I realize that placing the GK behind a firewall is not ideal that's
what I'm looking to do at this time to reduce other infrastructure changes
and allow us to use our fiber connection. Below is where I'm at which is
basically working well except for calls from Polycom CMA Desktop devices.
Our other goal is to possibly replace an old V2IU or have GNUGK as a
neighbor gatekeeper for redundancy. (neighbor dialing from gnugk to v2iu is
working great, but not the other way around)
Before the network part, some unrelated questions:
1) Does gnugk save/cache registrations? Say I restart the server and
someone calls before the endpoint re-registers. (TTL is 300, but still)
2) Any concerns using this on a VM? testing with 3.5.0 on a ubuntu VM.
Plan to upgrade to 3.8.0 soon. We only have about 15 endpoints and most of
the calls are to external entities. Maybe 3-4 concurrent calls are
average, but this is becoming an issue with the V2IU bandwidth especially
as we use video more.
//////////////////////
// Network
///////////////////////
Current:
T1/Cable Internet ---- V2IU WAN (embedded gatekeeper) --- LAN ---- Polycom
HDX endpoints
We've outgrown the T1, cable isn't reliable all the time and we're bumping
up on a 3Mbps throttle that the V2IU is enforcing.
New/Testing:
Fiber Internet ---- Fortigate Firewall ---- VIP (Destination NAT) --- LAN
V2IU or GNUGK ---- Polycom HDX
Outbound from HDX's or GNUGK NAT's with the public VIP we're using.
I've setup the VIP policies on the Fortigate with h323 and ras session
helpers to dynamically open the pinhole ports needed.
This works with both the V2IU and GNUGK when calling in from most devices.
(Other HDX's, Lifesize, etc..) When calling from CMA I keep getting Q931
errors on both. I suppose this points to something on the firewall, though
it seems I'll have more options with gnugk. Am not sure what to try next.
Sample call output is below. I've been through various iterations of
settings without any success. At the moment it's basically just
GKRouted=1. h245Routed, proxy mode and all kinds of port settings have
been tried as well.
ProxyChannel.cxx(1723) Q931s Received: Setup CRV=10425 from
EXTERNAL.CMA-IP:14712
singleton.cxx(24) Create instance: PreliminaryCallTable(9)
RasTbl.cxx(4640) CallTable::Insert(CALL) Call No. 1, total sessions
: 1
gkacct.cxx(964) GKACCT Successfully logged event 1 for call no. 1
ProxyChannel.cxx(4606) Q931s Call 1 is NAT type 0
ProxyChannel.cxx(1519) Call 1: h245Routed=0 proxy=0
ProxyChannel.cxx(7389) Q931d Could not open/connect Q.931 socket at
GNUGK.LAN.IP:0 - error 9/110: Connection timed out
ProxyChannel.cxx(6997) Q931 EXTERNAL.FIBER.IP:1720 DIDN'T ACCEPT THE
CALL
RasTbl.cxx(5114) CDR ignore not connected call
gkacct.cxx(964) GKACCT Successfully logged event 2 for call no. 1
yasocket.cxx(821) Q931d Delete socket EXTERNAL.FIBER.IP:1720
yasocket.cxx(821) Q931s Delete socket EXTERNAL.CMA-IP:14712
RasTbl.cxx(2667) Gk Delete Call No. 1
Thank You,
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________________
Posting: mailto:[email protected]
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users
Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users
Homepage: http://www.gnugk.org/
