Firewall Wizards mailing list archives

Checkpoint and RTSP NAT

From: "Pedro Henrique Morsch Mazzoni" <phmazzoni () gmail com>
Date: Wed, 30 Jan 2008 14:35:16 -0300

Hi everyone,

I'm having problem with rtsp clients on my network trying to reach servers
on the internet. The clients are behind a Checkpoint NGX firewall doing NAT.
Capturing packets i saw that the NAT in the Checkpoint box is the problem.
The firewall do NOT change the "client_ports" parameter in the response
packet from server when de-NATing the packet:

Client to server Transport field of RTSP packet: Transport:
RTP/AVP;unicast;client_port=6970-6971
;mode=play,RTP/AVP/TCP;unicast;mode=play
Server response to client: Transport: RTP/AVP;unicast;source=72.14.209.177
;client_port=59598-59599;server_port=10580-10581;ssrc=6DF21148

Did anyone knows if Checkpoint NGX can be awareness of RTSP when using NAT,
and change the payload of the response packet ?

Thanks,
Pedro Mazzoni

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Checkpoint and RTSP NAT Pedro Henrique Morsch Mazzoni (Jan 30)
- Re: Checkpoint and RTSP NAT Paul Melson (Jan 31)