Re: [GnomeMeeting-list] through NAT without _any_ forwarding - this seems to be possible!

[klakier pld org pl (Rafał Kleger-Rudomin)]

Damien Sandras <dsandras seconix com> writes:

[...]

> However, I"m 100% sure that Netmeeting doesn't work from behind a
> firewall/NAT router. There is no way. Even if you put the IP of their
> router instead of their natted IP in the packets, when their firewall
> will receive the packets, it will not forward them to the internal
> machine except if the audio/video connection was started from their
> inside lan. 

And this is the case - I always get UDP packets from NATed machine.

> But if the audio/video connection is started from your
> machine, it will arrive to their router, and the packets will be
> dropped. 

That's true.

> And you cannot really control who is starting the audio/video
> connection. It doesn't depend of who is calling/called. That is
> negotiated in the protocol.

I was called couple of times by clients that are behind NAT, both GM and NM.
In all cases in I got audio/video from them. Conclusion: when NM/GM 
client calls other GM client, they always negotiate that the caller initiates
all connections.
 
> I understand the admin doesn't want to make any effort to make NM work
> from behind the firewall, because it would need to allow all imaginable
> ports. They are all random in Netmeeting.

I do not know what he want or not because he doesn't respond.

I can see that you are not very enthousiastic about my idea ;)
Is that because NM is the second endpoint? If it works, it is also 
solution for GM users.

I want to simply try it. Tell me please, can I change this address 
from GM code, or do I have to hack openh323? Where should is start?

Regards,
Rafal

-- 
Rafa~ Kleger-Rudomin (klakier pld org pl)