[asterisk-users] Cisco 7971 behind NAT
Luki
lugosoft at gmail.com
Mon Nov 16 22:30:14 CST 2009
Hi all,
does anyone have any luck using a Cisco 7971 (SIP) behind NAT with two
different accounts on the same server (i.e. two different extensions)?
I am using Cisco-CP7971G-GE/8.3.0 and asterisk V1.4.something.
The phone sends SIP packets from a high-numbered UDP port but expects
a reply on port 5060. Fine, I do some magic with iptables to rewrite
the packets (which limits me to one phone at that location, unless I'm
mistaken). Incoming calls work fine on both accounts, but outgoing
calls work only from the most recently registered account (the order
is random due to timing) since both appear to asterisk as IP:5060. An
outgoing call from the other account is rejected with an
authentication mismatch, which makes sense. Asterisk matches the most
recently registered peer by IP/port and if the user name differs, it
complains, even if the password is the same for both accounts.
So, is this the worst SIP implementation ever in those Cisco 7971's or
am I doing something very wrong here? Technically even without NAT
this confusion would occur as both accounts use IP:5060 so Asterisk
cannot tell them apart during the initial peer matching stage. Of
course the source port the Cisco selects is different with every
dialog, so that doesn't help either.
Any input would be appreciated before I throw that phone out of the window.
Thanks,
Luki
More information about the asterisk-users
mailing list