Klaus,
Many commersial grade firewalls do not keep sessions alive, regardsless
of external pings, so it won't work in rather too many cases.
Also, assuming many users (10k, 100k) doing natpings will be heavy.
But alas, NATs are a hack and maybe the only remedies will also be
hacks, with all the pros and cons.
cheers
/hans
4 dec 2003 kl. 17.43 skrev Klaus Darilion:
Yes, the ports at the client are identical, but the
NAT router uses
other ports at the public interface, e.g. if the client behind the NAT
uses port 5060 for SIP (send&receive), the NATs publice interface may
user for example port 50000. Therefore, the client listen on port 5060,
but the packets have to be sent to port 50000 of the public IP address
and then the NAT router rewrites the port back to 5060. Hence, the
nathelper modules rewrites the IP address and the port in the contact
header before saving them in the location database.
If the session in the NAT router times out although using natping,
thats
a pit. Maybe it helps to ping the proxy from the client, e.g. the
budgetone phones support keep alive pinging.
Klaus