Connection Problem with Polycom VSX7000

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Connection Problem with Polycom VSX7000

Not applicable

Hello All,

I am having issues with video conferencing when using our Polycom VSX7000 which was working fine previously with our Checkpoint Firewall. When we switch over to PA-2020. We start having issues.

We are able to dial out to connect with remote VC unit but when the remote VC units tried to connect to us, the VSX7000 shows connected but there is no video or audio.

The rules are allow any from external to internal as well.

We have another LifeSize unit which works just fine.

Both are NATed.

Thanks

Ben

1 accepted solution

Accepted Solutions

Dear TIm

Please check your polycom settings

Below is the right Polycom device settings inorder work with Palo Alto

Admin
Settings->Network->IP Network, Firewall:

    - Enable
NAT/Firewall Traversal: (CHECK this option)

  - NAT
Configuration: (MANUAL)

  - Nat
Public (WAN) Address: (Enter the Public IP of the Polycom)

  - NAT is
H.323 Compatible:(UNCHECK this option)

  - Address
Displayed in Global Directory: (Public)

Thanks

Shabeer

View solution in original post

8 REPLIES 8

L6 Presenter

Are you using static NAT or dynamic NAT?

Does the Polycom use H.323?

-Benjamin

Yes Benjamin

What will do in this case

Thanks

shabeer

It may or may not help, but it looks like our issues with the polycom VC systems, which were similar to yours, all went away with the update to the 4.1.3 code.

Set up with Static Bidirectional NAT  & simple application filter security rules.

Nick.

Hi Nick

Thanks for the update

actually here iam using 4.1.4 PAN-OS and same NAT rule any any security policy,also i did application override for polycome device.no luck

Shabeer,

Did you ever resolve this?  I just ran into the exact same problem with a 2050 running 4.1.7, old polycom vsx7000.

Thanks,

Tim

Dear TIm

Please check your polycom settings

Below is the right Polycom device settings inorder work with Palo Alto

Admin
Settings->Network->IP Network, Firewall:

    - Enable
NAT/Firewall Traversal: (CHECK this option)

  - NAT
Configuration: (MANUAL)

  - Nat
Public (WAN) Address: (Enter the Public IP of the Polycom)

  - NAT is
H.323 Compatible:(UNCHECK this option)

  - Address
Displayed in Global Directory: (Public)

Thanks

Shabeer

I am currently having the same problem on v504 code...

what ind of "simple application filters" did you setup ?

Thank you in advance,

Don

Three rules in security policy:

spol1.png

Simple application group:

spol2.png

Note that for outgoing connections theres no restriction on service, for incoming its restricted to application default ports only. The explicit block rule in the middle blocks some application default ports that dont need to be open for NATted incoming connections.

Using 4.1.11hf1.

  • 1 accepted solution
  • 7368 Views
  • 8 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!