Re: NetMeeting and NAT firewall

From: Lurker#2 (L@2.com)
Date: 03/15/02 

From: "Lurker#2" <L@2.com>
Date: Fri, 15 Mar 2002 08:44:00 GMT

"Phil" <phil.g4iio@ntlworl.com> wrote in message
news:RY2k8.57136$yc2.6202438@news2-win.server.ntlworld.com...
> Is it possible to support NetMeeting via a NAT firewall, at the moment
users
> can connect in only one direction. I currently use Smoothwall, but
> downloading ISO for IPCOP as a write this.
>
> Thanks in anticipation,
>
> Phil
>
>
>
>

Phil,
The short answer is yes. However, if you want to use audio/video (which I'm
assuming you do if your using NetMeeting) you might as well not have a
firewall because you have to open LOTS of ports. The port numbers for
audio/video are assigned dynamically so you never know which ports you need
to have open. If you're connecting directly with another user (not using an
.ils server) and you don't need audio/video, (just want to type everything)
then you only need to have port 1503 open/forwarded.
----------------------------------------------------------------------
NetMeeting uses the following Internet Protocol (IP) ports:

   Port Purpose
   -------------------------------------
   389 Internet Locator Server (TCP)
   522 User Location Server (TCP)
   1503 T.120 (TCP)
   1720 H.323 call setup (TCP)
   1731 Audio call control (TCP)
   Dynamic H.323 call control (TCP)
   Dynamic H.323 streaming [Realtime Transport Protocol (RTP) over User
Datagram Protocol (UDP)]To establish outbound NetMeeting connections through
a firewall, the firewall must be configured to do the following:
Pass through primary TCP connections on ports 522, 389, 1503, 1720 and 1731.

Pass through secondary UDP connections on dynamically assigned ports
(1024-65535).
----------------------------------------------------------------------

Link to above information:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q158623

Relevant Pages

  • RE: IM Programs
    ... want to block these ports. ... you don't need an explicit deny for the other ports. ... Access-list 101 deny any tcp any any eq 5000 ... >Now, when applying these to your firewall, make sure the number ...
    (Security-Basics)
  • Re: R2 DFS Replication failing
    ... Disabled the firewall and everything started magically working.. ... BTW: Found out the RPC patch is this one: ... System service name: DfsApplication protocol Protocol Ports ... NetBIOS Session Service TCP 139 ...
    (microsoft.public.windows.server.general)
  • Re: Ping pmj
    ... a software firewall to fill the gaps in or you will get intruders!!! ... Software Firewall, or not Forwarded in your Router), then NetMeeting ... *also* Open up some Ports when receiving Calls. ... Such as VNC ...
    (uk.people.silversurfers)
  • Re: Windows Firewall on Domain Controllers
    ... confgured for all the AD ports and you do some voodoo with RPC ports. ... Don't use firewall on a DC, use a diferent machine, if you can don't join ... Global Catalog Server TCP 3269 ...
    (microsoft.public.windows.server.active_directory)
  • Re: How to Establish NetMeeting Connections Through a Firewall
    ... > firewall or not, and what ports you should pass through ... It does provide information on port usage in NetMeeting but from I can tell ... You said you strongly recommend a software firewall, ... > communication on all the ports described in the article. ...
    (microsoft.public.internet.netmeeting)