SRX Services Gateway
Reply
Super Contributor
tbehrens
Posts: 348
Registered: ‎04-30-2010
0

Re: H323 ALG breaks Videoconferencing.. in 10r2

How's the H.323 ALG behaving in JunOS 10.2r3, for those that had issues? I am curious. And don't have a LifeSize system to test with. :smileyhappy:

Visitor
TommyLindqvist
Posts: 8
Registered: ‎08-31-2009
0

Re: H323 ALG breaks Videoconferencing.. in 10r2

Junos 10.0R4.7

 

In this release, for a wan-link with no NAT and any/any/any rules,

you need to disable H323 for LifeSize,

and enable SIP for IP-phones.

 

Just FYI.

New User
Lumber
Posts: 1
Registered: ‎04-15-2011
0

Re: H323 ALG breaks Videoconferencing.. in 10r2

We have Polycom here trying to connect to multiple endpoints in multiple networks through SRXs at the edge and have the same problem. We are running 10.2R3 on all of the SRXs. The only way we've made it limp along is to disable h.323 but that doesn't completely solve the problem. We still drop calls, content and sometimes can't even connect. We've done call tracerouting and proved that many of our issues are related to one way traffic.

 

What is the word from Juniper on this? This has been a known issue for a while and needs to be fixed ASAP. I'd even settle for a work around that isn't "disable h.323 inspection" because that doesn't really work either. Many people have complained here and with just about every major VC system so this really rests on Juniper to address. Can we get some usefule info please?

 

Lumber

Era
Contributor
Era
Posts: 63
Registered: ‎04-06-2009
0

Re: H323 ALG breaks Videoconferencing.. in 10r2

[ Edited ]
I have alg problems on srx cluster based on 10.4 r3 is it a chance to jump to 10.4 r5.6?
Era
Trusted Contributor
SomeITGuy
Posts: 330
Registered: ‎01-08-2010
0

Re: H323 ALG breaks Videoconferencing.. in 10r2

Nearly all the big H323 implementations implement extentions that do not work with ALGs.

 

Almost all Tandberg documentation states to NOT use ANY kind of Application gateway witht their products.

 

Also for future not:

 

- Many of the ALGs block by default and require you to configure them in some way to be used. Dissable any you have not read the documentation for.

- Read the release notes when upgrading between releases... every .x release contains new features... NEW ALGs are always a possiblity and firewalls block by default.

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.