Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Kerio + MMS + Windows Media Server
  •  
imptech

Messages: 3
Karma: 0
Send a private message to this user
Hi,

I am having some trouble getting streaming from a Windows
Media Server to work well with Kerio WinRoute on a Win2003 box.

There are two parts I am working on:

a) Initial Connection and Streaming
b) repositioning of the movie timeline

The first part works OK, I can connect and start streaming
OK. It is noticably slower that with no firewall at all.

My current problem is when I reposition the cursor on the
movie timeline to the movie hangs and stops playing.

I have:

incoming:
src:any dst:firewall type:http permit
src:any dst:firewall type:mms permit
src:any dst:firewall type:rtsp permit

outgoing
src:firewall dst:any type:any permit

Something breaks when the client repositions their
timeline, ie they want to stream from a different
point in the movie.
I guess the client player is trying to connect back
somewhere somehow.

Any advice is greatly appreciated.
Cheers,
Regards Rudi.



  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
Add logging to the traffic rules and watch the filter log for deny / drop packets from the client ip address. In that log line should be the port the client is trying to connect to. Find the service for that port and update the rule.
  •  
imptech

Messages: 3
Karma: 0
Send a private message to this user
Hi,

Thanks for your advice, so far no joy though.

At first I thought, yes this will show me where the problem is
but so far it's not working out that way.

This is what I have and what I want to do.

a) Use Windows Media Player/Win 2003 Media Server + Kerio Firewall.

I can connect OK but when I reposition the time line the movie
should reposition and start playing but instead just hangs.

I was hoping to see the problem in the filter table as I have logging on.

incoming:
http - src:any dst:firewall type:http permit
mms - src:any dst:firewall type:mms permit
rtsp - src:any dst:firewall type:rtsp permit

outgoing
src:firewall dst:any type:any permit

Sample from log:
[07/Nov/2004 21:13:29] PERMIT "rtsp" packet from Local Area Connection, proto:TCP, len:40, ip/port:203.144.xx.xxx:1909 -> 64.237.xx.xx:554, flags: RST ACK , seq:3614586755 ack:2191414882, win:0, tcplen:0
[07/Nov/2004 21:13:30] PERMIT "rtsp" packet from Local Area Connection, proto:TCP, len:40, ip/port:203.144.xx.xxx:1909 -> 64.237.xx.xx:554, flags: RST , seq:3614586754 ack:3614586754, win:0, tcplen:0


Here you can see the 'rtsp' ( real time streaming protocol ) is permitting packets through.

When I reposition the time line the movies start buffering but stops and just hangs.

I am logging my default rule of deny but not not see anything related to the IP I'm connecting from: 203.144.xx.xxx

Sample from log: ( it's interesting to note none of the IPs below below to myself or the firewall )
[07/Nov/2004 22:11:22] DROP "Default traffic rule" packet from Local Area Connection, proto:UDP, len:78, ip/port:66.55.134.210:137 -> 66.55.134.223:137, udplen:50
[07/Nov/2004 22:11:26] DROP "Default traffic rule" packet from Local Area Connection, proto:UDP, len:78, ip/port:66.55.134.210:137 -> 66.55.134.223:137, udplen:50
[07/Nov/2004 22:11:26] DROP "Default traffic rule" packet from Local Area Connection, proto:UDP, len:235, ip/port:216.32.202.214:138 -> 216.32.202.255:138, udplen:207
[07/Nov/2004 22:11:32] DROP "Default traffic rule" packet from Local Area Connection, proto:UDP, len:229, ip/port:64.237.34.18:138 -> 64.237.34.31:138, udplen:201
[07/Nov/2004 22:11:58] DROP "Default traffic rule" packet from Local Area Connection, proto:UDP, len:229, ip/port:64.237.38.130:138 -> 64.237.38.143:138, udplen:201
[07/Nov/2004 22:12:06] DROP "Default traffic rule" packet from Local Area Connection, proto:UDP, len:78, ip/port:64.237.43.66:137 -> 64.237.43.79:137, udplen:50
[07/Nov/2004 22:12:08] Last message repeated 3 times

Both the samples above mention 'Local Area Connection', I'm wondering if this is affecting the streaming.
My rules for 'Local Area Connection' are:

src:firewall dst:Local Area Connection type:any permit
src:Local Area Connection dst:firewall type:Ident deny
src:Local Area Connection dst:firewall type:any permit

Hmmm ... please help ....

Thanks,
Kind regards Rudi.
Previous Topic: Need a copy of Winroute 4.x.x, anyone know where?
Next Topic: KWF 6.0 On a a MS Terminal Server
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 18 19:00:28 CET 2017

Total time taken to generate the page: 0.00439 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.