Lifesize Icon Guide 10
Using Lifesize Systems in a Private LAN with NAT
If you choose to place your video systems in a private LAN, you must use NAT to communicate with
outside systems. This may include enabling static NAT on your Lifesize system.
On your firewall, whether standalone or built in to your router, you must complete one of the following
tasks:
• Use 1:1 NAT and open the Call Setup and Media Ports over that connection bidirectionally with an
access list.
• Forward the Call Setup and Media Ports to your Lifesize system.
Refer to Restricting Reserved Ports and your firewall vendor's documentation for more information.
Enabling Static NAT
NAT enables communication between devices on your LAN that have private IP addresses and devices
that are accessed through a public IP network. Static NAT ensures that the same public IP address always
maps to a system’s private IP address so that data from the public network intended for the private system
can be routed to the system reliably.
If you are using static NAT to associate a public IP address with the private IP address of your Lifesize
system, you must configure your Lifesize system to work with your static NAT server. From a browser,
navigate to Preferences > Network and select Static NAT. Enter the public IP address, hostname, or fully
qualified domain name of your system in NAT Public IP Address.
NOTE You cannot upgrade the system from a web browser outside a firewall when
static NAT is enabled. Instead, perform the upgrade from within the firewall.
Testing your NAT Environment
If your firewall does not employ a feature set that performs H.323 or SIP NAT, you must enable NAT on
your private Lifesize system.
1. Place a call from a system on the Internet to your system in the private LAN. If your private system
connects within the first 2 seconds after answering, your NAT configuration is working properly. If the
call does not connect after answering and disconnects after 30 to 50 seconds, the reserved port
settings on your codec do not match the settings on your firewall. Ensure that the system and firewall
settings for UDP/TCP ports match.
2. If you still cannot place a successful call, you may have to disable the stateful packet inspection
feature on the firewall. Some firewall vendors may call this feature dynamic packet filtering. Refer to
your firewall vendor's documentation for more information.
To Next Page
Loading...
Need help?
General
