15 Jan
2003
15 Jan
'03
11:33 a.m.
That's indeed one possibility for NAT traversal. It takes upgrading a NAT
with a SIP-aware NAT. Cisco PIX is told to support SIP. I was told it did
not support PPPoE, which some people may miss. The smallest PIX is becoming
affordable. Another device is Intextex (w/PPPoE).
Again -- other possibilities are UPnP, STUN, twist&tweak.
-Jiri
At 03:23 AM 1/15/2003, Kelvin Chua wrote:
I would suggest a cisco router to act as a NAT. it can
read the SIP
messages properly. Though I'm still undergoing some tests with it, so
far sa good :)
-----Original Message-----
From: serusers-admin(a)iptel.org [mailto:serusers-admin@lists.iptel.org] On
Behalf Of Jiri Kuthan
Sent: Tuesday, January 14, 2003 9:46 PM
To: Craig Graham; serusers(a)lists.iptel.org
Subject: Re: [Serusers] SER on masqueraded/NAT connection
Craigh,
the problem unfortunately lives deeper than in SER -- it is about SIP
interaction with NATs. SIP advertises IP addresses and port numbers in
its messages, a technique which does not work along with NATs. What
happens is that SIP messages from your private network get out to the
public Internet, still carry private IP addresses in it, and attempts of
other call parties to use these private IP addresses will fail.
A preview of the .11 documentation mentions these issues.
(I hope the correct link is www.iptel.org/ser/doc/, I'm offline
now.)
I'm unfortunately not aware of a method that would be able
to traverse Linux-NAT for Messengers. All of the methods
I'm aware of take some kind of NAT-support in end-devices, SIP-support
in NATs or both. They include ALG (i.e., SIP awareness in NATs,for
example intertex NATs do that), STUN (phones' ability to "fool" NATs,
for example k-phone or snom do it), UPnP (must be supported by both
phone and NAT), manual configuration (one must have "tweakable" phones
and NATs and the ability to actually tweak both), or
"symmetric phones" (like Cisco's ATA).
-Jiri
At 11:28 AM 1/14/2003, Craig Graham wrote:
--
Jiri Kuthan http://iptel.org/~jiri/
I have a Linux box at home acting as a
masquerading/NAT gateway for a
few Windows PCs, and have installed SER on there in order to use MS
Messenger to talk to people outside.
SER appears to be working in that I can get Messenger up on two PCs,
connect to SER and set up a voice connection between the two PCs.
However, I cannot connect to people offsite.
Relevant IPChains entries are
target prot opt source destination
ports
ACCEPT udp ----l- anywhere
anywhere any
->
5060
ACCEPT udp ------ anywhere anywhere any
->
7070:7080
I have made no changes to the default SIP configuration; it is working
as installed by the rpm package ser-0.8.10-1.i386.rpm. A browse through
the mailing list archive and through the admin
guide doesn't show
anything obvious. No errors are reported to /etc/messages or
/etc/syslog and serctl moni does not show anything that looks relevant.
Does anyone have any suggestions?
--
Dr. Craig Graham, Software Engineer
Advanced Analysis and Integration Limited, UK. http://www.aail.co.uk/
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
--
Jiri Kuthan http://iptel.org/~jiri/
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers