08-25-2011 11:41 PM
Hello All,
I am having issues with video conferencing when using our Polycom VSX7000 which was working fine previously with our Checkpoint Firewall. When we switch over to PA-2020. We start having issues.
We are able to dial out to connect with remote VC unit but when the remote VC units tried to connect to us, the VSX7000 shows connected but there is no video or audio.
The rules are allow any from external to internal as well.
We have another LifeSize unit which works just fine.
Both are NATed.
Thanks
Ben
09-11-2012 10:12 PM
Dear TIm
Please check your polycom settings
Below is the right Polycom device settings inorder work with Palo Alto
Admin
Settings->Network->IP Network, Firewall:
- Enable
NAT/Firewall Traversal: (CHECK this option)
- NAT
Configuration: (MANUAL)
- Nat
Public (WAN) Address: (Enter the Public IP of the Polycom)
- NAT is
H.323 Compatible:(UNCHECK this option)
- Address
Displayed in Global Directory: (Public)
Thanks
Shabeer
08-26-2011 10:40 AM
Are you using static NAT or dynamic NAT?
Does the Polycom use H.323?
-Benjamin
03-21-2012 04:21 AM
Yes Benjamin
What will do in this case
Thanks
shabeer
03-21-2012 09:00 AM
It may or may not help, but it looks like our issues with the polycom VC systems, which were similar to yours, all went away with the update to the 4.1.3 code.
Set up with Static Bidirectional NAT & simple application filter security rules.
Nick.
03-21-2012 01:04 PM
Hi Nick
Thanks for the update
actually here iam using 4.1.4 PAN-OS and same NAT rule any any security policy,also i did application override for polycome device.no luck
09-11-2012 01:22 PM
Shabeer,
Did you ever resolve this? I just ran into the exact same problem with a 2050 running 4.1.7, old polycom vsx7000.
Thanks,
Tim
09-11-2012 10:12 PM
Dear TIm
Please check your polycom settings
Below is the right Polycom device settings inorder work with Palo Alto
Admin
Settings->Network->IP Network, Firewall:
- Enable
NAT/Firewall Traversal: (CHECK this option)
- NAT
Configuration: (MANUAL)
- Nat
Public (WAN) Address: (Enter the Public IP of the Polycom)
- NAT is
H.323 Compatible:(UNCHECK this option)
- Address
Displayed in Global Directory: (Public)
Thanks
Shabeer
06-03-2013 02:10 PM
I am currently having the same problem on v504 code...
what ind of "simple application filters" did you setup ?
Thank you in advance,
Don
06-05-2013 01:58 AM
Three rules in security policy:
Simple application group:
Note that for outgoing connections theres no restriction on service, for incoming its restricted to application default ports only. The explicit block rule in the middle blocks some application default ports that dont need to be open for NATted incoming connections.
Using 4.1.11hf1.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
