MMR - Australian VRS

deafaussie said:
Just downloaded MMX softphone application and has installed in my work computer. Amazed to see its not functioning, not being able to sign in. Have you guys in Australia signed in successfully? IP blockage?

I have Viable Vision, Sorenson and HOVRS VideoSign 2.5 installed in my PC and worked really well behind my company's firewall. Network engineer has set up in Cisco firewall appliance just for me which only NAT to my work PC.

JClarke, I can provide you the configuration file for your IT people that uses the H323 and SIP protocol. Only if your employer uses the Cisco. Good luck!
Click to expand...

PM me the details, deafaussie!

MMX is not good, I tried to download, got nothing. But am allowed to use Viable Vision instead. I will make sure ACE is developing overtime, I am considering to write an email to a friend of mine who works for ACE to suggest some ideas.
 
Good deal for both of DeafAussie and JClarke.
 
How to Establish NetMeeting Connections Through a Firewall

You show it to your IT tech. Explain that you are using NetMeeting or other software to make Video Relay Service calls. Some companies will not make changes and some will. If you can’t convince them change the firewall settings, you can try and ask for a separate DSL line to be installed in your office to make VRS calls. A separate computer may be necessary in some offices, since the DSL connection could make your work computer vulnerable without a firewall.
 
Jclark. I removed my company's IP addresses and has replaced with something that you could learn from. Also, these are for Cisco Concentrator (firewall) devices installed in your workplace. Good luck with the setup

access-list inbound extended permit esp host <See Information #2> any (hitcnt=0)
access-list inbound extended permit esp host <See Information #2> any (hitcnt=0)
access-list inbound extended permit ah host <See Information #2> any (hitcnt=0)
access-list inbound extended permit ah host <See Information #2> any (hitcnt=0)
access-list inbound extended permit udp host <See Information #2> any eq isakmp (hitcnt=0)
access-list inbound extended permit udp host <See Information #2> any eq isakmp (hitcnt=0)
access-list inbound extended permit object-group tcp-udp any host <See Information #1> eq 5060
access-list inbound extended permit tcp any host <See Information #1> eq 5060 (hitcnt=0)
access-list inbound extended permit udp any host <See Information #1> eq 5060 (hitcnt=1)
access-list inbound extended permit tcp any host <See Information #1> object-group H323
access-list inbound extended permit tcp any host <See Information #1> eq 1503 (hitcnt=0)
access-list inbound extended permit tcp any host <See Information #1> eq h323 (hitcnt=1)
access-list inbound extended permit tcp any host <See Information #1> eq 1731 (hitcnt=0)
access-list inbound extended permit object-group tcp-udp any host <See Information #1> eq 554
access-list inbound extended permit tcp any host <See Information #1> eq 554 (hitcnt=1)
access-list inbound extended permit udp any host <See Information #1> eq 554 (hitcnt=0)
access-list inbound extended permit tcp any host <See Information #1> eq ldap (hitcnt=1)
access-list inbound extended permit tcp any host <See Information #1> eq 522 (hitcnt=0)
access-list inbound extended permit tcp any host <See Information #1> eq 1503 (hitcnt=0)
access-list inbound extended permit tcp any host <See Information #1> eq h323 (hitcnt=0)
access-list inbound extended permit tcp any host <See Information #1> eq 1731 (hitcnt=0)
access-list inbound extended permit udp any host <See Information #1> eq 1731 (hitcnt=0)
access-list inbound extended permit tcp any host <See Information #1> range 15328 15348 (hitcnt=0)
access-list inbound extended permit udp any host <See Information #1> range 15328 15348 (hitcnt=1)
access-list inbound extended permit udp any host <See Information #1> range 1024 65535 (hitcnt=2912)
access-list outbound extended permit udp any host <See Information #2> (hitcnt=30533)
access-list outbound extended permit udp any host <See Information #2> (hitcnt=4)

Sho NAT | Include <See Information #1>

static (outside,inside) <See Information #1> <See Information #3> netmask 255.255.255.255 tcp 0 50

Information #1 is the EXTERNAL PUBLIC IP address which the VRS can call you the firewall system detects it and forwards that to your PC or your VPAD
Information #2 No idea what the IPs are for perhaps your Cisco engineer can understand these.
Information #3 is VPAD or your PC PRIVATE IP address which should setup as STATIC not DYNAMIC

Also the Cisco can handle many public IP addresses. One IP address is very restricted for all employees here which blocks AIM, MSN and anything else. other IP which is actually mine has less restrictive settings allowing me to gain access to the internet more freely.

Your engineer can setup another public IP and add it to your firewall along with the existing IP addresses. VRS or MMR can call you on a separate public IP address intended for your videophone. Win-Win situation for all of us involved
 
deafaussie said:
Jclark. I removed my company's IP addresses and has replaced with something that you could learn from. Also, these are for Cisco Concentrator (firewall) devices installed in your workplace. Good luck with the setup

access-list inbound extended permit esp host <See Information #2> any (hitcnt=0)
access-list inbound extended permit esp host <See Information #2> any (hitcnt=0)
access-list inbound extended permit ah host <See Information #2> any (hitcnt=0)
access-list inbound extended permit ah host <See Information #2> any (hitcnt=0)
access-list inbound extended permit udp host <See Information #2> any eq isakmp (hitcnt=0)
access-list inbound extended permit udp host <See Information #2> any eq isakmp (hitcnt=0)
access-list inbound extended permit object-group tcp-udp any host <See Information #1> eq 5060
access-list inbound extended permit tcp any host <See Information #1> eq 5060 (hitcnt=0)
access-list inbound extended permit udp any host <See Information #1> eq 5060 (hitcnt=1)
access-list inbound extended permit tcp any host <See Information #1> object-group H323
access-list inbound extended permit tcp any host <See Information #1> eq 1503 (hitcnt=0)
access-list inbound extended permit tcp any host <See Information #1> eq h323 (hitcnt=1)
access-list inbound extended permit tcp any host <See Information #1> eq 1731 (hitcnt=0)
access-list inbound extended permit object-group tcp-udp any host <See Information #1> eq 554
access-list inbound extended permit tcp any host <See Information #1> eq 554 (hitcnt=1)
access-list inbound extended permit udp any host <See Information #1> eq 554 (hitcnt=0)
access-list inbound extended permit tcp any host <See Information #1> eq ldap (hitcnt=1)
access-list inbound extended permit tcp any host <See Information #1> eq 522 (hitcnt=0)
access-list inbound extended permit tcp any host <See Information #1> eq 1503 (hitcnt=0)
access-list inbound extended permit tcp any host <See Information #1> eq h323 (hitcnt=0)
access-list inbound extended permit tcp any host <See Information #1> eq 1731 (hitcnt=0)
access-list inbound extended permit udp any host <See Information #1> eq 1731 (hitcnt=0)
access-list inbound extended permit tcp any host <See Information #1> range 15328 15348 (hitcnt=0)
access-list inbound extended permit udp any host <See Information #1> range 15328 15348 (hitcnt=1)
access-list inbound extended permit udp any host <See Information #1> range 1024 65535 (hitcnt=2912)
access-list outbound extended permit udp any host <See Information #2> (hitcnt=30533)
access-list outbound extended permit udp any host <See Information #2> (hitcnt=4)

Sho NAT | Include <See Information #1>

static (outside,inside) <See Information #1> <See Information #3> netmask 255.255.255.255 tcp 0 50

Information #1 is the EXTERNAL PUBLIC IP address which the VRS can call you the firewall system detects it and forwards that to your PC or your VPAD
Information #2 No idea what the IPs are for perhaps your Cisco engineer can understand these.
Information #3 is VPAD or your PC PRIVATE IP address which should setup as STATIC not DYNAMIC

Also the Cisco can handle many public IP addresses. One IP address is very restricted for all employees here which blocks AIM, MSN and anything else. other IP which is actually mine has less restrictive settings allowing me to gain access to the internet more freely.

Your engineer can setup another public IP and add it to your firewall along with the existing IP addresses. VRS or MMR can call you on a separate public IP address intended for your videophone. Win-Win situation for all of us involved
Click to expand...


Thanks, deafaussie, I will make sure I can get ahold of the IT engineer...it will take time to get ahold of these people.
 
DeafAussie, good explaining for JClarke s network at work. I will try to use Viable Vision at my work to disable firewall system soon.
 
Unfortunately, nothing is possible to have access to the videophone nor Viable Vision, since they refused to do it, the software needs ports to be opened so they can't do anything. Which disappoints me. I am considering to get a seperate internet access wirelessly for my VPAD.
 
JClarke said:
Unfortunately, nothing is possible to have access to the videophone nor Viable Vision, since they refused to do it, the software needs ports to be opened so they can't do anything. Which disappoints me. I am considering to get a seperate internet access wirelessly for my VPAD.
Click to expand...

:ugh2: damn it! If you can’t convince them change the firewall settings, you can try and ask for a separate DSL line to be installed in your office for your VPAD. A separate computer may be necessary in some offices, since the DSL connection could make your work computer vulnerable without a firewall.

Last three years agoI had worked for SorensonVRS to install videophone for deaf customer at work to separate internet access into hub with IT tech to put MAC ID number for firewall. Worked for connection.
 
Doesn't matter, I can use my laptop for it anyway. I need is an USB wireless internet usage. I will find out if it is suitable or not.
 
yes but i have to ask for permission so i'd rather use my own internet.
 
Do you have USB WiFi adapter for your VPAD? or buy new one?
 
I already have D-link wifi adaptor and I have been using it with my VPAD at home
 
Ummm, are you working for the Australian Public Sector Service?

If so - things can get complicated with information technology policies and I dont really know how your IT infrastructure sets up in that way.

Before I was granted video access to the Internet. I tabled my suggestion to the IT committee.

1. DSL or Cable modem can be installed in the server room and have the Ethernet cable connect to my VP-100 but the ethernet switch system will have to add another VLAN to make it work. They will have to pay for ISP charges.

2. Use the existing firewall device and have the network engineer to add another public IP address (Internet side), Ethernet cable connect to VP-100. VLAN set up as well.

3. Same as 2 but connect to work desktop and uses the Videosign 2.5 installed and have the software firewall installed. This is the most preferred setup for me.

They had decided to go for Option 3 and it took about 2 weeks to play around with the settings and finally it worked to my classification. I love the ADA = Australians with Disabilities Act.

Good luck with the bureaucrats.

John//
 
John,

I work for the education & employment department.
They won't do anything becuase they are concerned about opening it to the public and whatnot so there is nothing I can do with it. :(

Option to bring my laptop and get a internet account wirelessly via USB to use the Viable Vision on my laptop.
 
I work for the education & employment department.
They won't do anything because they are concerned about opening it to the public and whatnot so there is nothing I can do with it. :(
Click to expand...

They are UNEDUCATED fools. How could they concern about opening to the public from VPAD. Their firewalls are capable of isolating one IP directly to your VPAD and leave the rest fully secured.

Alternatively, get them to try out the Option 1 I had suggested.
 
It would be better off using Viable Vision but I have not suggested them about my VPAD since they are in the same way of the connection, servers get blocked off. :(
 
JClarke said:
John,

I work for the education & employment department.
They won't do anything becuase they are concerned about opening it to the public and whatnot so there is nothing I can do with it. :(

Option to bring my laptop and get a internet account wirelessly via USB to use the Viable Vision on my laptop.
Click to expand...

How far is from wireless internet area into your office room? should be 100 ft range or less.
 
the wireless point from my office is about 3 - 5 meters away from my desk
 
Back
Top