لطفا منتظر باشید ...
Lesson 1 Configuring Clients to Use H.323 Gatekeeper
H.323 Gatekeeper facilitates conference calling on your network and allows you to conduct real-time sessions through the ISA Server firewall. You need to register H.323 clients, such as Microsoft NetMeeting 3.0, with H.323 Gatekeeper in order to take advantage of its services.
After this lesson, you will be able to
Describe the various functions of H.323 Gatekeeper in videoconferencing
Register a client with H.323 Gatekeeper
Estimated lesson time: 40 minutes
H.323 Protocol
The H.323 standard is a set of protocols developed by the International Telecommunications Union (ITU) to meet videoconferencing needs for a wide range of networking environments. H.323 makes real-time multimedia possible over networks that do not provide quality of service (QoS). It can also bridge audio and video sessions from packet-switched networks, such as an intranet or the Internet, to circuit-switched and cell-switched networks such as Integrated Services Digital Network (ISDN) networks, Asynchronous Transfer Mode (ATM) networks, and the Public Switched Telephone Network (PSTN). For example, it is possible to make a call from an H.323 client to a regular telephone on the PSTN. The H.323 standards also provide for communications between a standard PSTN telephone and a computer-based client.
H.323 defines four major components for a network-based conferencing system: terminals, gateways, gatekeepers, and multipoint control units (MCUs). Terminals are the client endpoints on the local area network (LAN) running an H.323-compliant application such as NetMeeting 3.0. An H.323 gateway provides connectivity between an H.323 network and a non–H.323 network, such as the PSTN. A gatekeeper acts as the central point for conference calls and provides control services and call routing to registered endpoints. The MCU supports conferences between three or more endpoints.
Overview of H.323 Gatekeeper
As the focal point of the H.323 network, ISA Server's H.323 Gatekeeper works with the H.323 protocol filter to provide registered clients with address resolution, call authentication, and call routing. Clients registered with H.323 Gatekeeper can use its services to participate in video, audio, and data conferences—in local area networks, in wide area networks, across multiple firewalls, and over the Internet. The H.323 Gatekeeper can also be used to route calls intelligently, in a way that is based on the called party's address.
H.323 Gatekeeper Snap-in
The management tool for H.323 Gatekeeper is the H.323 Gatekeeper snap-in. This tool appears as a node in ISA Management when H.323 Gatekeeper is installed. Whenever you perform a full installation of ISA Server, the H.323 Gatekeeper node appears in the console tree of ISA Management, but you must still add a gatekeeper before you can begin using the service. You can add a gatekeeper by right-clicking the H.323 Gatekeeper node in ISA Management and selecting Add Gatekeeper.
Once you add a gatekeeper, you can use the H.323 Gatekeeper snap-in to configure routing rules for calls specified by phone number, user alias, or Internet Protocol (IP) address. You can also use the H.323 Gatekeeper snap-in to register static users and to define destinations for routing rules you later configure.
H.323 Gatekeeper Usage Scenarios
The following scenarios illustrate various situations and contexts in which H.323 Gatekeeper can be used to enable real-time, point-to-point, and multipoint communications in your network.
Intra-Enterprise Conference Call Scenario
In this scenario, numerous users within a single organization use applications, such as NetMeeting 3.0 or later, that are H.323-compliant. ISA Server and H.323 Gatekeeper are installed and running. Users register themselves with H.323 Gatekeeper using a well-known alias (for example, an e-mail address) and a phone number. All users are able to call each other using the called party's well-known alias or phone number. Users are able to use audio, video, and T.120 (multipoint) data and application sharing.
An intra-enterprise conference call scenario with H.323 Gatekeeper is illustrated in Figure 8.1.
Figure 8.1 Intra-enterprise conferencing
Inter-Enterprise Conference Call Scenario
In this scenario, numerous users within the organization use applications that are compliant with H.323 Gatekeeper, such as NetMeeting 3.0 or later. ISA Server, H.323 Gatekeeper, and the H.323 protocol filter are installed and running on the firewalls of both organizations. Users register themselves with their respective H.323 Gatekeeper using a well-known alias. All users in each organization are able to call all users in the other organization using the called party's alias. Users are then able to use audio, video, and T.120 data and application sharing. For example, User1 can communicate with User4 by typing User4@organizationB.microsoft.com in the NetMeeting 3.0 Place A Call dialog box and then clicking the Call button. The call reaches User4, regardless of his or her location within organization B. User4's IP address is concealed from User1 and all other callers from organization A.
This inter-enterprise conference call scenario with H.323 Gatekeeper is illustrated in Figure 8.2.
Figure 8.2 Inter-enterprise conferencing
PSTN Call Scenario
The Public Switched Telephone Network (PSTN) is a circuit-switched network that is optimized for real-time voice communication. When you place a call, you close a switch by dialing, which establishes a direct circuit with the other party. The PSTN guarantees QoS by dedicating the circuit to your call until you disconnect. Whether you and your connected party are talking or silent, you continue to use the same circuit until you disconnect.
In this scenario, numerous users within the organization use applications such as NetMeeting 3.0 that are H.323-compliant. H.323 Gatekeeper is installed and running on the network. Users register themselves with H.323 Gatekeeper using a well-known alias (such as an e-mail address) and a phone number. An H.323 gateway is also installed and running on the network. It is configured to enable H.323 Gatekeeper to direct calls between the IP and PSTN networks. All users are able to make calls to PSTN numbers by using NetMeeting to dial the number from their desktops. Users are also able to receive calls from the PSTN network through NetMeeting 3.0 or later.
A conferencing scenario in which H.323 clients connect to the PSTN is illustrated in Figure 8.3.
Figure 8.3 IP-to-PSTN conferencing
Registering Clients with H.323 Gatekeeper
Every H.323 transaction has two endpoints, an origination endpoint and a destination endpoint. An endpoint can be an H.323 client (for example, a terminal running NetMeeting), a proxy server (such as an ISA Server computer running the Web Proxy service), or a gateway. Endpoints typically register automatically with H.323 Gatekeeper by using the H.323 Registration, Admission, and Status (H.323 RAS) protocol. You can also use the H.323 Gatekeeper snap-in to add a static registration to endpoints that do not support H.323 RAS registration.
Statically registered clients cannot accept inbound calls.
H.323 Gatekeeper supports the following three types of H.323 RAS addressing:
E164 phone number addressing, which uses characters 0-9.
H.323 ID addressing, which uses anything similar to e-mail addresses or Domain Name System (DNS) strings, including account names and machine names. No syntax is defined.
Email-ID type addressing.
Endpoint Attributes
When an endpoint is registered through H.323 RAS, the following attributes are specified:
The Q931 address for the endpoint. For H.323 calls, this address consists of a combination of the IP address of the endpoint and the port used for H.323 communications (by default, 1720). For example, 192.168.0.2:1720 and 10.0.0.5:1720 both constitute possible Q931 addresses.
The Q.931 protocol is a connection-control protocol for establishing connections and framing data. Roughly comparable to Transmission Control Protocol (TCP), the Q.931 protocol is used to manage connection setup and breakdown for H.323 calls.
The RAS address for the endpoint. This address consists of an IP address and a distinct port number used for RAS communications. A unique RAS ID number is also assigned to each registered terminal.
List of aliases.
Aliases
An alias consists of two fields, a type and a name, where the type would be E164, H323-ID, or Email-ID.
For example, when you register a NetMeeting client with H.323 Gatekeeper, as shown in Figure 8.4, the account name text box is registered in H.323 Gatekeeper as an H323-ID alias, and the phone number as an E164 alias.
Figure 8.4 NetMeeting fields used by H.323 Gatekeeper
When you select the Active Terminals node in the ISA Management console tree, the H323-ID (or Email-ID) and E164 aliases are displayed in the Account and Phone columns, respectively, in the details pane. You can right-click the terminal in the list and select Properties to display all registered aliases. Figure 8.5 displays the properties dialog box for the terminal registered by the NetMeeting client shown in Figure 8.4.
Figure 8.5 E164 and H.323-ID aliases for a NetMeeting client
H.323 Gatekeeper enforces unique Q931 addresses, but it does not enforce unique aliases. Allowing multiple instances of an alias registration with a unique Q931 address enables the client to register at multiple terminals. Only the most recent registration for an alias is active for resolving alias requests.
Client Address Translation
Any client who wants to be available through a well-known alias must register with H.323 Gatekeeper. (A well-known alias can be an e-mail address, such as someone@microsoft.com.) In addition, clients must register with H.323 Gatekeeper if they use translation services when placing outbound calls—for example, if they use NetMeeting 3.0 or later to place a call to a PSTN device.
Outbound calls that do not require translation services may be placed without H.323 Gatekeeper.
Suppose you are in your company office and want to contact a person over the Internet. His name is Someone, and he works at Microsoft. The person is registered at Microsoft with H.323 Gatekeeper as someone@microsoft.com. Because he is registered with H.323 Gatekeeper, you can contact him using his well-known alias—someone@microsoft.com—even if there is no real e-mail address corresponding to that alias. If you placed a call to someone@microsoft.com using NetMeeting 3.0, the following events would take place.
From Within Your Company
NetMeeting 3.0 connects with your in-house H.323 Gatekeeper.
The H.323 Gatekeeper does not recognize microsoft.com as an internal address and forwards the call to the ISA Server computer within your company.
ISA Server looks up the address for microsoft.com and makes the query over the Internet to microsoft.com.
At the Destination
When the ISA Server computer at microsoft.com receives the query for someone@microsoft.com, it contacts the internal H.323 Gatekeeper at microsoft.com to obtain the correct in-house address.
The H.323 Gatekeeper at microsoft.com translates the alias into a network address for ISA Server.
The ISA Server at microsoft.com sends a confirmation back to ISA Server at your company and establishes the connection.
From this point through the end of the communication, the ISA Server holds open the link established by H.323 Gatekeeper.
Someone is not required to have a valid, externally routable IP address, and the address will remain hidden from other endpoints by the ISA Server. This is because the H.323 Gatekeeper performs address translation for the internal client.
You can set restrictions within the ISA Server H.323 Filter application filter to permit or deny video, audio, T.120 data, and application sharing. You can also set time restrictions to limit the hours available for H.323-compliant communications.
Installing H.323 Gatekeeper
H.323 Gatekeeper installation is performed automatically when the Full Installation option is selected during ISA Server installation. However, H.323 Gatekeeper can be installed at any time.
Follow these steps to install H.323 Gatekeeper:
Click the Start button, point to Settings, click Control Panel, and then double-click Add/Remove Programs.
In the Currently Installed Programs area, click Microsoft Internet Security And Acceleration Server, and then click the Change button.
In ISA Server Setup, click the Add/Remove button.
In the Installation dialog box, click Add-in services and then click the Change Option button.
Click the Install H.323 Gatekeeper Service and then click OK.
Click the Continue button to complete the installation.
Before you install or configure H.323 Gatekeeper, you should also consider the following:
H.323 Gatekeeper does not provide any security.
If you are managing ISA Server or H.323 Gatekeeper remotely on a computer running Microsoft Windows 2000 Professional, you cannot access all of the tools and Help topics unless you have installed the ISA Server and H.323 Gatekeeper Administration Tools.
H.323 Gatekeeper does not enforce uniqueness of aliases for registration. However, each Q931 address must be unique. The H.323 Gatekeeper uses only the most recently registered active terminal for any one alias. This allows a user to register under one alias from multiple locations.
The H.323 Filter application filter does not support H.225 signaling across ISA Server. For example, a NetMeeting 3.0 user who is located on an internal network cannot register with a gatekeeper that is located on the Internet. Also, an H.323 Gatekeeper that is running on the internal network cannot exchange location messages with a gatekeeper running on the Internet.
ISA Server provides support for fast Kernel-mode data pumping of Real-Time Transport Protocol (RTP) audio and video media while making calls across ISA Server using NetMeeting 3.0 or later.
Practice: Configuring a Client to use H.323 Gatekeeper
Exercise 1: Adding a Gatekeeper
When you perform a full installation of ISA Server, the H.323 Gatekeeper node appears in ISA Management. However, you still need to add a gatekeeper if you want to take advantage of H.323 Gatekeeper services.
To add a gatekeeper
Log on to Server1 as Administrator.
In ISA Management, right-click the H.323 Gatekeepers node and click Add Gatekeeper.The Add Gatekeeper dialog box appears.
Leave the This Computer radio button selected as the default, and click OK.
The Server1 icon appears beneath the H.323 Gatekeeper node in the console tree.
Exercise 2: Configuring NetMeeting to Use H.323 Gatekeeper
The H.323 RAS protocol makes possible automatic registration of H.323 terminals (clients) with an H.323 Gatekeeper. To initiate this registration using NetMeeting, you simply need to configure the client to place calls with the gatekeeper. In this exercise, you configure NetMeeting first and then register the client with your network's H.323 Gatekeeper.
To register NetMeeting with H.323 Gatekeeper
Log on to domain01 from Server2 as User1.
Click the Start menu, point to Programs, point to Accessories, point to Communications, and click NetMeeting.A NetMeeting page appears describing the features of NetMeeting.
Click Next.A new page appears asking you to supply information about yourself.
In the First Name text box, type Test.
In the Last Name text box, type User.
In the Email Address text box, type testuser@domain01.local.
Click Next.A new page appears prompting you for information about a directory server.
Clear the Log On To A Directory Server When NetMeeting Starts check box.
Click Next.A new page appears asking you to specify the speed of your connection.
Select the Local Area Network radio button.
Click Next.A new page appears allowing you to put shortcuts on your desktop and on the Quick Launch portion of your taskbar.
Click Next.The Audio Tuning Wizard page appears.
Click Next through all of the remaining pages, leaving all of the default settings. You can safely ignore any warning messages you receive about the quality of your sound card, microphone, or audio.
Click Finish to exit the Audio Tuning wizard.The NetMeeting – Not In A Call console appears on your desktop.
In the NetMeeting – Not In A Call console, click the Tools menu and then click Options.The Options dialog box appears.
Click the Advanced Calling button.The Advanced Calling Options dialog box appears.
Select the Use A Gatekeeper To Place Calls check box.
In the Gatekeeper text box, type server1.
Click the Log On Using My Account Name check box.
In the Account Name text box, type MyName.
Click OK.
In the Options dialog box, click OK.
Exercise 3: Testing the Configuration
In this exercise, you check the list of active H.323 terminals in ISA Management to verify that your NetMeeting client has been recognized by the gatekeeper.
To test the configuration
On Server1, open ISA Management.
In the console tree, expand the H.323 Gatekeeper node, and then expand the Server1 node.
In the console tree, click the Active Terminals icon.MyName is listed in the details pane. The user MyName is now ready to send and receive calls through H.323 Gatekeeper.
Lesson Summary
H.323 is a standard developed by the ITU to provide real-time, interactive videoconferencing for a wide range of network environments. As the focal point of the H.323 network, ISA Server's H.323 Gatekeeper provides registered clients with address resolution, call authentication, and call routing. H.323 Gatekeeper also allows H.323-compatible clients to conference across the Internet and through the ISA Server firewall. An example of an H.323-compatible client is NetMeeting 3.0 or later.
Any client user who wants to be available through an alias instead of an IP address must register with H.323 Gatekeeper. Clients typically register automatically with H.323 Gatekeeper by using the H.323 Registration, Admission, and Status (H.323 RAS) protocol. You can also use the H.323 Gatekeeper snap-in to add a static registration to endpoints that do not support H.323 RAS registration. H.323 Gatekeeper supports three types of aliases: E164 addressing (phone number), H.323-ID addressing (open syntax allowing e-mail addresses, DNS strings, account names, and machine names), and Email-ID addressing.
The management tool for H.323 Gatekeeper is the H.323 Gatekeeper snap-in. This tool appears as a node in ISA Management when H.323 Gatekeeper is installed. H.323 Gatekeeper installation is performed automatically when the Full Installation option is selected during ISA Server installation. However, H.323 Gatekeeper can be installed at any time.
