RE: iChat A/V and Cisco PIX 501 (6.3)

["Melson, Paul" <PMelson () sequoianet com>]

One of you (probably you, since your friend's Linksys may not be
capable) will need to set up port redirection to your Mac for 5060/UDP
and 16384-16403/UDP.  Like so:

static (inside,outside) udp interface outside 5060 172.16.1.4 5060
...

This assumes that .4 is the IP address of the machine you're running
iChat from.  I'm also assuming that since your global is 'interface
outside' that you only have one public IP address to work from.  If
that's not the case, there's a much simpler solution - a static NAT rule
for your Mac's IP address to a public IP other than 'interface outside'.

PaulM


> -----Original Message-----
> I am currently experiencing difficulties getting iChat A/V to work 
> through my Cisco PIX 501 running PIX OX 6.3. As you can see 
> below, I am 
> attempting to connect from my internal address space (172.16.1.x) 
> through the Internet and through a friends Linksys router to their 
> internal address space (192.168.1.x).  Using a home D-link 
> router I had 
> no problems communicating with the same person.  It seems to 
> be failing 
> during translation, and I can't seem to figure out how to get around 
> it.  Has anyone been able to successfully configure a pix to 
> work with 
> iChat, particularly in this type of a configuration using NAT?  Any 
> help would me most appreciated.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards