[Asterisk-Users] Phones that work well through NAT

Christian Stredicke Christian.Stredicke at snom.de
Sun Apr 16 17:04:16 MST 2006 

There are two approaches to get NAT working properly:

- Use UDP and send and receive from the same port. This is extremly
simple, however some phones do (by default) send and recieve from a
different ports. Then you have to tell explicity "no no, dont do that;
use the same port". There are even phones that send and receive from
different RTP ports. I would say they are extremly NAT unfriendly. And I
don't know why a phone vendor would do that. Anyway, the IETF specs
allow it. The problem with the UDP approach is the high keep-alive
traffic (every 15-20 secs you must refresh it) and the number of buggy
NAT implementations out there. I would say this approach works with 95 %
of the equipment.

- Use TCP/TLS and keep the TCP connection to the PBX open all the time.
This reduces and amound of keep-alive traffic and works with almost
anything on the market. Because a router that does not support https or
MS Exchange traffic will have a real hard time in the market place! TLS
has the advantage that "smart" routers cannot see the SIP traffic any
more and mess around with it. For example, there is a vendor out there
that does not understand the rport parameter in the Via and removes it
(but leave the ; standing there)!!! Especially when there are relatively
few user agents registered to the system (number of file descriptors),
this approach is superior. AFAIK the next * version will support this
approach; there are already systems available that support TCP and TLS.

Just my two cents.


Christian

> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com 
> [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of 
> Andrew Kohlsmith
> Sent: Sunday, April 16, 2006 11:16 PM
> To: asterisk-users at lists.digium.com
> Subject: Re: [Asterisk-Users] Phones that work well through NAT
> 
> On Saturday 15 April 2006 22:37, C F wrote:
> > That is until you run into problems, while they do work, I wouldn't 
> > say that Polycoms work EXEPTIONALLY well, Cisco, and SPA 
> work *MUCH* 
> > better.
> 
> Can you detail some problems?  Just about any off-the-shelf 
> router seems to work with these.  There may be some cheap-ass 
> broken routers you can get for
> $5 which will not work, but all of the brand-name stuff I've 
> tried Just Works, which is why I say they work exceptionally well.
> 
> -A.
> _______________________________________________
> --Bandwidth and Colocation provided by Easynews.com --
> 
> Asterisk-Users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
> 
> 
>

More information about the asterisk-users mailing list