JSI Tip 7942. How can I disable/enable H.323 functionality on a RRAS NAT server?

When RRAS (Routing and Remote Access Service) is configured as a NAT (Network Address Translation) server, you can use the Netsh tool to enable or disable the H.323 functionality.

In Windows 2000, H.323 functionality is enabled by default when you use RRAS configured with the NAT routing protocol.

In Windows Server 2003, H.323 functionality is disabled by default when RRAS is configured as a NAT server.

NOTE: Disabling H.323 functionality on a RRAS NAT server DOES NOT disable it for ICS (Internet Connection Sharing, ICF (Internet Connection Firewall, aka Windows Firewall), TAPI (Telephony API), or NetMeeting.

To disable H.323 functionality:

1. Open a CMD prompt while you are logged on with administrative privileges.

2. Type netsh routing ip nat delete h323 and press Enter.

To enable H.323 functionality:

1. Open a CMD prompt while you are logged on with administrative privileges.

2. Type netsh routing ip nat add h323 and press Enter.

NOTE: See MS04-001: A vulnerability in an Internet Security and Acceleration Server 2000 H.323 filter could allow remote code execution.



Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish