[Asterisk-Users] IAX and NAT
Olle E. Johansson
oej at edvina.net
Mon Sep 29 04:26:57 MST 2003
Brancaleoni Matteo wrote:
> VoIP protocols normally use 2 connection:
> * 1 for control (eg on port 5060 for sip)
> * 1 for the RTP (media stream)
> The latter hasn't a fixed port, since is negotiated
> by the control connection. That could cause some troubles
> with NAT & firewalls.
>
> IAX doesn't use 2 ports, but only one .
> So on the same port it brings the control connection &
> the RTP stream. So NATting IAX isn't a problem
>
Also, IAX is client-driven, the IAX client opens a channel to the server and
keeps it open for calls both ways.
SIP is a peer-to-peer protocol and a phone needs to be able to receive incoming
calls. If the phone, or the "SIP UAC/S (User agent client/server) software",
is behind a NAT, there's no way any phone out there can reach it on the inside.
There are a lot of fixes, ranging from using a SIP proxy on the outside for incoming
calls and keeping a NAT session open with fixes called "NAT pings" to protocols
that opens up port forwarding from the NAT to the inside client (UPNP) and protocols
that let the client investigate the NAT situation (STUN) and be more clever.
The long term fix is to remove NAT boxes and use IPv6 or allocate more IPv4 addresses
...or, as some people on this list advocate, use another protocol.
/Olle
More information about the asterisk-users
mailing list