CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. Come to CPUG CON 2008 EUROPE in Switzerland on September 8th - 9th!
    Two days full of technical content for Check Point administrators in the beautiful Swiss Alps!
    We already have sign-ups from twelve different countries!
2. CCSA/CCSE One-Week Dual-Certification Training Course with CPUG in San Francisco!
    Courses Starting 7/14, 8/25, 10/6, 11/3, 12/8, (2009) 1/19, 2/9, 3/9, 4/6, 5/4, 6/8.
3. Corrent S3500 SecureXL Turbocards For Sale - Last Six Remaining - Get Your Spares!
4. Join Us On LinkedIn - We now have a CPUG group.


Go Back   CPUG: The Check Point User Group > Check Point Firewall-1/VPN-1 And Related Products > Services
Reload this Page Malformed H.225 message from video conferencing
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 2006-03-13
aallsopp aallsopp is offline
Junior Member
  
Join Date: 2005-10-31
Location: Saskatoon, Saskatchewan, Canada
Posts: 27
Rep Power: 0
aallsopp has an average reputation (10+)
Default Malformed H.225 message from video conferencing
I am seeing the following blocked traffic when trying vdeo conferencing between two site. Both are behind Checkpoint NGX HFA_02 running on Nokia IP 350's with IPSO 4.0.

Any ideas what I can configure to allow this traffic?


Number: 1376589
Date: 13Mar2006
Time: 13:45:48
Product: VPN-1 Pro/Express
Interface: eth2c0
Origin: nbfw1 (142.166.5.58)
Type: Log
Action: Drop
Protocol: tcp
Service: H323_any (1720)
Source: Saskatoon_Video (10.192.109.234)
Destination: NB_Video (10.88.132.242)
Source Port: Napster_directory_5555 (5555)
Information: H.323 reason: Malformed H.225 message
Reply With Quote
  #2 (permalink)  
Old 2006-03-14
chillyjim chillyjim is offline
Senior Member
  
Join Date: 2005-08-29
Location: Upstate NY
Posts: 1,598
Rep Power: 4
chillyjim has an average reputation (10+)
Send a message via AIM to chillyjim Send a message via Skype™ to chillyjim
Default Re: Malformed H.225 message from video conferencing
This is "fixed" in HFA_3, which should be released RSN. If you cannot wait, call support, I belive there is a hotfix available.
Reply With Quote
  #3 (permalink)  
Old 2006-03-15
aallsopp aallsopp is offline
Junior Member
  
Join Date: 2005-10-31
Location: Saskatoon, Saskatchewan, Canada
Posts: 27
Rep Power: 0
aallsopp has an average reputation (10+)
Default Re: Malformed H.225 message from video conferencing
Due to numerous other small errors on that particular Nokia box, I am replacing it with a SPLAT platform this weekend and then rebuilding the Nokia from scratch. If the problem persists I'll look at the hot fix, although the video is not being blocked by an identical Nokia gateway at the other end.
Reply With Quote
  #4 (permalink)  
Old 2006-03-22
aallsopp aallsopp is offline
Junior Member
  
Join Date: 2005-10-31
Location: Saskatoon, Saskatchewan, Canada
Posts: 27
Rep Power: 0
aallsopp has an average reputation (10+)
Default Re: Malformed H.225 message from video conferencing
After numerous suggestions from Nokia, Checkpoint and users goups, I was not able to determine why the H323 packets were being dropped by only one of our firewalls. But, I was able to by-pass the problem by enabling wire mode on the VPN connection between the two sites internal ports.

Video conferencing is now working.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -7. The time now is 16:47.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.7.2
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.0.0