[asterisk-dev] SIP, NAT, security concerns, oh my!
Yaroslav Panych
panych.y at gmail.com
Sat Oct 22 10:06:53 CDT 2011
2011/10/22 Kevin P. Fleming <kpfleming at digium.com>:
> On 10/22/2011 09:31 AM, Yaroslav Panych wrote:
>
> Without a mechanism such as one of these, if the NAT device does not (or
> cannot) map the SIP client's request port to the same port on the other side
> of the NAT, what you are proposing is not possible. In these cases (which
> are very common), the SIP client doesn't have any way to tell the server the
> proper port number to respond to.
In such cases, this not software problem any more. It is politics
problem. Network is another instrument to do some work. This
instrument should meet all requirements(here present NATs should be
traversable) of worker in order to do task most effectively. If it
doesn't - worker must change tool. If SIP-client user so dumb to not
understand that, it is probably his problem, not SIP-proxy developers
problem. Anyway, TCP has not this problem, so if SIP-client cannot
traverse NAT and cannot use TCP - it is really SIP client problem, not
proxy's.
More information about the asterisk-dev
mailing list