Re: NetScreen XP and NetMeeting

["Igor D. Spivak" <urbanachiever () attbi com>]

5xp also supports vpn --- only 10 users by default, but that is the easiest
and the most secure way to have netmeeting with out a server.

cheers,

igor'
----- Original Message -----
From: "Sarbjit Singh Gill" <ssgill () gilltechnologies com>
To: "Rick Darsey" <rdarsey () aims1 com>;
<security-basics () lists securityfocus com>
Sent: Thursday, December 12, 2002 5:58 AM
Subject: RE: NetScreen XP and NetMeeting


> Greetings and thanks for the reply.
>
>
> To give you folks some more details:
>
> The NetScreen 5XP does not support a DMZ:Only trusted and untrusted
> interfaces.
>
> I have a ADSL router/modem. There is no NetMeeting server. What my client
> would like to do is use the built-in netmeeting client in Windows to
> "chat/talk(audio)/see(video)/remote control/share application with another
> person on the internet with similar software. I believe this no-server
> scenario can hold up 20 people in a single chat session. It is similar
when
> one stars the netmeeting from MSN Messenger.
>
> Cheers
>
> Gill
>
> -----Original Message-----
> From: Rick Darsey [mailto:rdarsey () aims1 com]
> Sent: Thursday, December 12, 2002 9:49 PM
> To: ssgill () gilltechnologies com
> Subject: RE: NetScreen XP and NetMeeting
>
>
> Gill,
>
>
> What is the layout of your network. Do you have a router and a firewall,
or
> is the router acting as the firewall. If you have both, would it be
possible
> to place the Netmeeting server outside of the firewall, between it and the
> router?  Depending on the type of OS, ie Windows 2000 server, etc., there
> are some filtering capabilities within the OS that will let you limit the
> traffic to the server.
>
> Just an idea.
>
> Rick
>
> -----Original Message-----
> From: Sarbjit Singh Gill [mailto:ssgill () gilltechnologies com]
> Sent: Wednesday, December 11, 2002 5:19 PM
> To: Rick Darsey
> Subject: RE: NetScreen XP and NetMeeting
>
>
> Greetings Rick,
>
> The NS XP does not support a DMZ.
>
> Gill
>
> -----Original Message-----
> From: Rick Darsey [mailto:rdarsey () aims1 com]
> Sent: Thursday, December 12, 2002 6:22 AM
> To: ssgill () gilltechnologies com; security-basics () lists securityfocus com
> Subject: RE: NetScreen XP and NetMeeting
>
>
> I would think you could setup the NetMeeting server in a DMZ zone outside
of
> the firewall, and then turn on keep state on the firewall to allow users
> within the LAN to connect, but I am not sure about the keep state part.
>
> Rick Darsey
>
> -----Original Message-----
> From: Sarbjit Singh Gill [mailto:ssgill () gilltechnologies com]
> Sent: Wednesday, December 11, 2002 1:37 PM
> To: security-basics () lists securityfocus com
> Subject: NetScreen XP and NetMeeting
>
>
> Greetings,
>
> As the subject goes, i need to get net meeting to work via NetScreen. I
> found a KB
> article(http://support.microsoft.com/default.aspx?scid=kb;en-us;158623)
but
> it seems to show, i had to open a whole range of ports. I am skeptical
about
> that!
>
> e.g..
> Pass through primary TCP connections on ports 522, 389, 1503, 1720 and
1731.
> Pass through secondary UDP connections on dynamically assigned ports
> (1024-65535).
>
> the above shows a whole range of ports that i have to open. Is there a
work
> around.
>
> Kind Regards
> Gill