4 Dec
2003
4 Dec
'03
10:27 p.m.
On Dec 04, 2003 at 15:22, Ricardo Villa <ricvil(a)epm.net.co> wrote:
On our lab we have a RH7.3 box with iptables firewall
and NAT. When we were
initially testing the nathelper module we found out that external pings did
NOT keep the sessions alive on this box. Only pings going from inside
towards the internet. At that point we decided to simply rely on the
ability of devices like the ATA186 and GS phones to send a SIP Dummy packet
from behind the NAT in order to keep the sessions alive. So far this
approach has worked 100%. It is possible that the Linux box just needed
some tweaking, but we needed a solution that worked seamlessly with all
customers.
I belive we also tested another common broadband home router and it behaved
the same way.
Did you try with smaller ping times?
My freebsd nat box work perfectly with nat ping interval set to 30s.
natping should keep the bindings alive also on any linux based nat (just
make sure the nat ping interval is greater then the defautl udp binding
expire time).
Andrei