Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
ChoiYunSoo
Participant

Problems occur when communicating with H.245.

Hello

 

When a customer communicates with Cisco WebX, the service is not available.

I used tcpdump on the external interface of the firewall and found something unusual.

I will divide the situation into two types: normal and unnormal.

 

1. Unnromal situation

 - When viewing pcap information in wireshark, the src of payload is displayed as private IP.

 - I know the NAT IP information should be visible. Is that correct?

 

2. Normal situation

 - When viewing pcap information in wireshark, the src of payload is displayed as NAT IP.

 - Communication goes well without any problems.

 

normal.PNGunnormal.PNG

 

Is it correct to see this as abnormal processing when processing traffic at the checkpoint? Or is there anything else I am missing?

0 Kudos
Reply
3 Replies
PhoneBoy
Admin
Admin

How precisely is this traffic being permitted (ie what rules are used)?
Also, what version/JHF level?

0 Kudos
Reply
ChoiYunSoo
Participant

Customers are currently using a policy that matches service Any.

And the firewall is R80.10/Take249, which is a VRRP configuration.

0 Kudos
Reply
PhoneBoy
Admin
Admin

We shouldn't be modifying the traffic if you're using a Service of Any in the rulebase.
Recommend a TAC case here.

0 Kudos
Reply