> From: "John Tolmachoff \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx> > Organization: eServices For You > Reply-To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Date: Fri, 12 Sep 2003 12:18:32 -0700 > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Subject: [isalist] RE: Skype? > > http://www.ISAserver.org > > >> I just downloaded Skype and have been playing with it-- it's a pretty > slick >> P2P VoIP tool. It works great when my laptop is plugged straight into the >> DSL modem, but something it does makes ISA have heartburn. Their FAQ >> (http://www.skype.net/help_faq.html) says that you need outbound TCP 80 > open >> (already done), plus send->receive on the high UDP ports. However, that >> wasn't enough to allow me to sign up for an account, much less use the >> service. Has anyone figured out exactly which ports have to be open? > > Any software that requires a range of ports to be open incoming and outgoing > has no place in a business environment, unless they work with the firewall > vendors so they can be configured for application layer filtering. Well, my business environment is mine, and there's some value to use in using a client like Skype since we have people flung all over the place. > However, this is from there website: > > "I can't connect to Skype from work or due to a restrictive firewall. Which > ports need to be opened in order to use Skype? > The Minimum requirement is to open up outgoing TCP port 80. In order to > achieve the best quality, also open up outgoing UDP for all ports in > stateful mode, so that replies to sent UDP packets are let in." Yes, I read that, and I understand the security implications. Receive-after-send is OK by me since it's restricted to particular client machines. I was hoping to hear from someone who actually had it working. > Now, if they feel that strongly about their product, why not work with MS or > other firewall vendors to get their protocol configured and added to > firewalls. That would make it easy to work with. I'd like to see them support either UPnP or Rendezvous (err, ZeroConf).