Multiple Netmeeting Sessions

Multiple Netmeeting Sessions

[Norman Zhang]

Hi,

I was wondering if it is possible to setup iptables to allow multiple 
Netmeeting sessions originated from internet to local net? So far I map 
the port in /etc/shorewall/rules

DNAT net loc:10.0.0.10 tcp 1720
DNAT net loc:10.0.0.10 tcp 1503

But it only goes to a single machine? Or do I need gateway for this?

Regards,
Norman

Re: Multiple Netmeeting Sessions

[Antony Stone]

On Sunday 25 April 2004 5:07 pm, Norman Zhang wrote:

> Hi,
>
> I was wondering if it is possible to setup iptables to allow multiple
> Netmeeting sessions originated from internet to local net? So far I map
> the port in /etc/shorewall/rules
>
> DNAT net loc:10.0.0.10 tcp 1720
> DNAT net loc:10.0.0.10 tcp 1503
>
> But it only goes to a single machine? Or do I need gateway for this?

I believe you need H.323 helper modules for netmeeting.   Patch-O-Matic should 
have these.

Regards,

Antony.

-- 
Documentation is like sex.
When it's good, it's very very good.
When it's bad, it's still better than nothing.

                                                     Please reply to the list;
                                                           please don't CC me.

Re: Multiple Netmeeting Sessions

[Alistair Tonner]

On April 25, 2004 01:26 pm, Antony Stone wrote:
> On Sunday 25 April 2004 5:07 pm, Norman Zhang wrote:
> > Hi,
> >
> > I was wondering if it is possible to setup iptables to allow multiple
> > Netmeeting sessions originated from internet to local net? So far I map
> > the port in /etc/shorewall/rules
> >
> > DNAT net loc:10.0.0.10 tcp 1720
> > DNAT net loc:10.0.0.10 tcp 1503
> >
> > But it only goes to a single machine? Or do I need gateway for this?
>
	I believe that you need to also forward other ports for netmeeting.
	port 389, and 522 need to be forwarded through.  Although, with
	this setup I believe you can only connect to one machine inside.

	I'm not sure what frontend those rule are for, but they both appear to be 
	forwarded to the same machine.  Thus the connections will always go 
	there.

	The problem in this case is that there is a specific port on which the 
	call is initiated, and the machine to which you forward 1520 will recieve all
	inbound calls.

	If you have many 'recievers' inside the firewall that have non-routable 
addressess you will want to look into h323 gatekeeper software, or look into 
having different primary ports for each 'recieving' host i.e 10.0.0.10:1520
	10.0.0.11:1521 10..0.0.12:1522 --> I know this can be done with gnomemeeting, 
	but I am unsure if MS netmeeting can be configured to recieve calls on ports 
	*other* than 1520.

	There are two h323gatekeeper packages that I'm aware of, 

	http://www.gnugk.org/
	http://www.equival.com/phonepatch  <-- I haven't been able to get there 
	recently -- anyone know if equivalence is titsup, or is this just bad 
	routing/networking in their neck of the woods?

	of course, as Antony points out --->

> I believe you need H.323 helper modules for netmeeting.   Patch-O-Matic
> should have these.

	You definately need these to get the connections through.	
>
> Regards,
>
> Antony.