At some point of connection negotiation gateway sends to the listener startH245 Facility PDU:
The listener tries to connect to gateway at 10.10.1.38:54341 but failed because of firewall.0:02.968 H225 Answer:80 H225 Receiving PDU [ip$10.3.114.200:1720/ip$10.10.1.38:46631] :
{
q931pdu = {
protocolDiscriminator = 8
callReference = 5193
from = originator
messageType = Facility
IE: Facility = {
}
IE: Display = {
63 69 73 63 6f 20 53 79 73 74 65 6d 73 2c 20 49 cisco Systems, I
6e 63 2e nc.
}
IE: User-User = {
26 90 06 00 08 91 4a 00 04 7d d4 ee e2 6a a5 11 &.....J..}...j..
e1 80 8f 00 0f f7 d0 4f 12 81 01 00 1f 05 80 11 .......O........
00 7d d6 27 32 6a a5 11 e1 86 38 d7 7e 8f ab dc .}.'2j....8.~...
65 07 00 0a 0a 01 26 d4 45 01 00 01 00 10 80 01 e.....&.E.......
80 .
}
}
h225pdu = {
h323_uu_pdu = {
h323_message_body = facility {
protocolIdentifier = 0.0.8.2250.0.4
conferenceID = 16 octets {
7d d4 ee e2 6a a5 11 e1 80 8f 00 0f f7 d0 4f 12 }...j.........O.
}
reason = startH245 <<null>>
callIdentifier = {
guid = 16 octets {
7d d6 27 32 6a a5 11 e1 86 38 d7 7e 8f ab dc 65 }.'2j....8.~...e
}
}
h245Address = ipAddress {
ip = 4 octets {
0a 0a 01 26 ...&
}
port = 54341
}
multipleCalls = false
maintainConnection = false
}
h245Tunneling = true
}
}
}
So I have two questions:0:02.970 H225 Answer:80 H225 Set protocol version to 4 and implying H.245 version 7
0:02.970 H225 Answer:80 H323TCP Connecting to 10.10.1.38:54341 (local port=0)
0:12.974 H225 Answer:80 H323TCP Could not connect to 10.10.1.38:54341 (local port=0) - Timed out(1073751884)
0:12.974 H225 Answer:80 H225 Connect of H245 failed: Timed out
0:12.975 H225 Answer:80 H323 Clearing connection ip$10.10.1.38:46631/5193 reason=EndedByTransportFail
0:12.975 H225 Answer:80 H323 Call end reason for ip$10.10.1.38:46631/5193 set to EndedByTransportFail
1) AFAIK when h245Tunneling is ON there is no need in separate connections for h245, but listener tries to established one above.
2) There is no ability to disable firewall on gateway. How to workaround this situation? When h245Tunneling is OFF on both sides the listener opens port for h245 (there is no firewall on listener host), gateway connects to it and everything ok. Is there any option to force this behaviour for a situation when h245Tunneling is ON?