Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
dimiro
New Contributor

Remove H.323 port 1720

Hi Guys,

My first post here, i´m brazilia and i´m beginner on fortigate. :(

 

I need to configure a role on my fortigate 60c with v4 mr2 for a conection with a polycom, but not works because the port 1720 is already open.

I removed the sip helper doing this, but not success.. :(

 

config system session-helper edit 1 set name pptp set port 1723 set protocol 6 next edit 2 set name h323 set port 1720 set protocol 6 next edit 3 set name ras set port 1719 set protocol 17 next *** snip *** edit 12 set name sip set port 5060 set protocol 17 next edit 13 set name dns-udp set port 53 set protocol 17 next end To disable the SIP and H.323 session helpers use the following syntax: config system session-helper delete 12 delete 3 delete 2 end

 

config system settings set sip-helper disable end and config system settings set sip-nat-trace disable end

2 REPLIES 2
Iescudero
Contributor II

hi Dimiro!

First of all, give me more details of your topology to fully understand what is not working.

is something like the picture like i attached??

 

 

 

 

emnoc
Esteemed Contributor III

Same here, do yo have a topology to include the H.323 endpoints that you have? SIP has nothing to do with  H.323 and yuo might want to find the operating ports  with your voice/media path.

 

What I've done in the past is to create a custom range and apply policy for and just between the h.323 endpoints. Set QoS priority  and you should be golden.

 

 

ken

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Labels
Top Kudoed Authors