Date: Mon, 21 Jun 2004 17:36:04 -0400 From: Bill Moran <wmoran@potentialtech.com> To: Charles Swiger <cswiger@mac.com> Cc: desol@telus.net Subject: Re: Msn Voice conversation Message-ID: <20040621173604.25dd0161.wmoran@potentialtech.com> In-Reply-To: <716BFBC3-C3C9-11D8-BF1C-003065ABFD92@mac.com> References: <BKECJPEPGLFKCMMJOOFACELFCCAA.desol@telus.net> <716BFBC3-C3C9-11D8-BF1C-003065ABFD92@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Charles Swiger <cswiger@mac.com> wrote: > On Jun 21, 2004, at 4:21 PM, Dj Uwins wrote: > > I'm trying to get msn voice conversation working through NATD. I've > > been > > reading alot of posts and there are others who can't seem to get this > > working by trying to forward ports in natd.conf. > > Yes, the H.323 protocol family is a nightmare in terms of complexity > and it simply doesn't play nice with NAT or reasonable firewall > configurations. My recommendation would be to block the H.323 protocol > entirely and use something else rather than compromise one's security. > > > Does anyone know how to make this happen? > > This is a hard problem which may not be solvable without paying license > fees for proprietary H.323 resources and documentation. Have you > looked into getting a commercial firewall which supports H.323 proxying > via NAT...? Another option would be to install Asterisk on your firewall and configure it to handle the proxying. (Asterisk is an open source VoIP server, amoung other things.) Last I checked, there were still a lot of security concerns about running VoIP over the Internet. I see a lot of people doing it anyway, and I expect there will be a big surge of viruses, worms or some other exploit in the near future as a result. -- Bill Moran Potential Technologies http://www.potentialtech.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040621173604.25dd0161.wmoran>