Hello, If you are really interested in having SER within a natted network or running on the firewall/nat itself, may be you could give a try to the fcp module. It relies on a client side which is added as a module to SER, and a server side, running on the firewall/nat (with iptables). The module keeps track of sessions similar to a b2bua. When a new request for a session comes (INVITE, SUBSCRIBE, MESSAGE, etc.) from an internal client, the fcp module learns the external IP address and a port on the firewall and makes several changes to the SIP message. In the current implementation, Contact and SDP can be changed before sending any request through the firewall/nat. When responses come back (200 OK with SDP), the firewall ports are open for media to flow. Ports are closed after expiration of rules or because of CANCEL/BYE are issued from any of the end points. This has been tested so far in the following scenario: SIP UA1 ----- SER+fcp module ------ NAT/FW(fcpd) --------- SER ----------- SIP UA2 With the current version of fcpd (http://www.iptel.org/fcp/) I have not been successful in establishing a media connection, but you might be luckier :) However, the previous version worked for me in several occasions (I could hear audio to and from SIP UA1/SIP UA2). If your are interested in giving it a try, let me know and we see how far we get. Jaime "Hans Scheffers" <hans.scheffers(a)xs4all.nl> on 06/05/2003 13:32:16 To: serusers(a)lists.iptel.org cc: (bcc: Jaime GILL/EN/HTLUK) Subject: RE: [Serusers] Firewall NAT, i have one public ip The problem with iptable/ipchains is the way they filter compared to Cisco a.s.o. Hans Scheffers JifLin B.V. Leliestraat 7 7151 GH Eibergen http://www.jiflin.nl _______________________________________________ Serusers mailing list serusers(a)lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers ******************************************************************************* Important. Confidentiality: This communication is intended for the above-named person and may be confidential and/or legally privileged. Any opinions expressed in this communication are not necessarily those of the company. If it has come to you in error you must take no action based on it, nor must you copy or show it to anyone; please delete/destroy and inform the sender immediately. Monitoring/Viruses Orange may monitor all incoming and outgoing emails in line with current legislation. Although we have taken steps to ensure that this email and attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. Orange PCS Limited is a subsidiary of Orange SA and is registered in England No 2178917, with its address at St James Court, Great Park Road, Almondsbury Park, Bradley Stoke, Bristol BS32 4QJ. *******************************************************************************