H.323 Video Calling using InFocus Devices

Jeremiah Barkman -

H.323 is a suite of video conferencing protocols that is supported by many video conferencing systems. InFocus has several products that support the H.323 suite. Mondopad 2.0, ConX Video Phone, and Big Connect all support H.323. These products, with the exception of the ConX Phone, are Windows-based systems. It is up to the network administrator where these systems are employed to determine the balance between security and functionality.

 

H.323 Considerations

H.323 is challenging from behind a NAT. One reason you will find that H.323 devices are set up with public IP addresses is to avoid problems traversing NAT. For the Mondopad and Big Connect, this is not a good option because they are Windows-based and a security risk in that configuration. So you will need to employ one of the NAT traversing methods such as H.323 Helper, H.323 Fixup, or another depending on the NAT appliance or software you are employing. The link below is a helpful 3rd party document relating some possible paths to resolve this.

NAT Firewalls and Videoconferencing using H.323 Border Traversals

H.323 Compatibility

Over the past twenty years there have been many H.323 Video Conferencing systems introduced to the marketplace. Systems that are now end-of-life / end-of-support from the vendor are not guaranteed to work with our systems or services. Also be aware that even with modern, vendor-supported systems, we can’t guarantee interoperability. This is because vendors may customize the standard on their systems. This makes it nearly impossible to support all systems all of the time.

 

H.323 and Firewalls

If an H.323 device is behind a firewall, there are certain firewall port requirements that allow communication using this suite of protocols.

H.323 Signaling Port 1720 TCP/UDP Outbound should be unrestricted.

H.323 Media Port Range 1024-65535 UDP Outbound should be unrestricted.

Stateful Firewalls: These settings are presented assuming that the firewall is allowing stateful traffic. If for some reason your firewall is so locked down so that it doesn’t allow inbound traffic based on the originator’s outbound path, more detailed configuration will be required.

 

5-23-2016

Have more questions? Submit a request

Comments

Powered by Zendesk