I'm having problems getting H.323 traffic over ipsec vpn, is this not possible?
It's a standard ipsec vpn tunnel, everything is allowed both ways.
Everything else works over the tunnel.
The setup is with a PA-500 in my end and a netscreen firewall in the opposite end.
Check your traffic logs on PAN as well as NetScreen sides (assuming you have logging enabled on your policies). Note that if you only enabled logging at session end then you will need to wait for the session to close before you will see a log entry. So for debugging you may want to temporarily also enable logging at session start. If all traffic is permitted in both directions then you should see the traffic on both sides of the tunnel and perhaps can isolate accordingly.
If you still cannot see any H323 and subsequent rtp/rtcp session traffic, then I would suggest to contact PA support of your partner support to troubleshoot.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!