RPD 2.3 and NAT/ì and/or firewall issue

Andrea · ‎05-23-2013

Hi there

I have RPD behind a D-Link firewall. RDP has private IP address, NAT is configured with ISP facing interface IP address for all outgoing traffic. Specific IP forwarding rules are configured to allow incoming tcp/1720, tcp/3230-3285 and udp/3230-3285.

Video and audio all fine, I can place and receive calls.

I have in an issue with content. I can always send content from my PC (both when called or when I place calls).

Content is never displayed when remote party send content.

I see Content Rx chanel set up with H.264 protocol at 256 kbps, buth then nothing is actually displayed.

Moving my RDP PC on a subnet directly connected to the ISP line, configuring the public IP address on the PC and all works fine.

It must be something related to NAT or firewall rules but I don't understand what's wrong with my setup.

Thanks for your help.

Andrea

AbinelSantiago · ‎05-23-2013

Hi Andrea,

This document can help you. It's so old, but I believe that is right.

Description

A user with a PC on the WAN-side of a V2IU wants to push content using People+Content IP to a VSX or HDX endpoint on the LAN-side of a V2IU.

Resolution

The following NAT statements are needed in the V2IU if the V2IU is the default route to the internet for the VSX/HDX codec. If another device is the default route to the internet, the NAT statements are needed on that device.

Assuming a WAN-IP address of 140.242.225.43/24 on the V2IU, and LAN-IP of 192.168.13.200 on the codec, and knowing that P+C IP requires TCP 5001 and UDP 5001, the example V2IU NAT statements required to achieve functionality are:

tcp;140.242.225.43/255.255.255.0-5001>192.168.13.200-5001

udp;140.242.225.43/255.255.255.0-5001>192.168.13.200-5001

NOTE:

Only one codec at a time can be utilized with P+C IP through a firewall as there no way to specify in the P+C IP application or codec what ports are to be used – port 5001 is hard-coded into the current software builds of P+C IP and endpoints.

Bazzuck · ‎05-24-2013

Hi Andrea

take a look on incoming ports in the RPD Release Notes. here

tcp inbound ports are different from yours.

try to change a firewall's config, but I'm not sure, that it will solve a problem.

Regards

GlennDavis · ‎05-31-2013

Not sure if you are still having an issue but will add something to try.

In reading your post you mentioned you have "incoming tcp/1720, tcp/3230-3285 and udp/3230-3285" configured.

Do you have outbound rules configured as well? In reading the release notes (here ) I have setup some rules within my home NetGear router that are the following.

Inbound

TCP 1720

TCP 3230-3329 - (you have 3230-3285)

UDP 3230-3237

SIP - 5060

Outbound

TCP 1720

TCP 3230-3329

UDP 3230-3237

SIP 5060

Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Glenn Davis

Polycom Global Services

If you find my post helpful, and it answers your question, please mark it as an "Accepted Solution" and feel free to give me Kudos.

Please also make sure to check the below link for more RPM information
http://support.polycom.com/PolycomService/support/us/support/video/realpresence_mobile/realpresence_mobile_overview.html

Andrea · ‎09-12-2013

I moved to RPD 3.0. The rest of the setup is the same: RPD on private network, behind a NAT/firewall router, with NAT-T with public IP address on WAN interface and inbound IP forwarding rules as follows:

tcp/1720

tcp/3230-3329

udp/3230-3237

tcp/5001

udp/5001

The problem is still there: content rx seems to well negotiated but content is actually not displayed.

Any advice?

Thanks

RPD 2.3 and NAT/ì and/or firewall issue

RPD 2.3 and NAT/ì and/or firewall issue

Re: RPD 2.3 and NAT/ì and/or firewall issue

Re: RPD 2.3 and NAT/ì and/or firewall issue

Re: RPD 2.3 and NAT/ì and/or firewall issue

Re: RPD 2.3 and NAT/ì and/or firewall issue