There are two approaches to get NAT working properly: - Use UDP and send and receive from the same port. This is extremly simple, however some phones do (by default) send and recieve from a different ports. Then you have to tell explicity "no no, dont do that; use the same port". There are even phones that send and receive from different RTP ports. I would say they are extremly NAT unfriendly. And I don't know why a phone vendor would do that. Anyway, the IETF specs allow it. The problem with the UDP approach is the high keep-alive traffic (every 15-20 secs you must refresh it) and the number of buggy NAT implementations out there. I would say this approach works with 95 % of the equipment.
- Use TCP/TLS and keep the TCP connection to the PBX open all the time. This reduces and amound of keep-alive traffic and works with almost anything on the market. Because a router that does not support https or MS Exchange traffic will have a real hard time in the market place! TLS has the advantage that "smart" routers cannot see the SIP traffic any more and mess around with it. For example, there is a vendor out there that does not understand the rport parameter in the Via and removes it (but leave the ; standing there)!!! Especially when there are relatively few user agents registered to the system (number of file descriptors), this approach is superior. AFAIK the next * version will support this approach; there are already systems available that support TCP and TLS. Just my two cents. Christian > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Andrew Kohlsmith > Sent: Sunday, April 16, 2006 11:16 PM > To: [email protected] > Subject: Re: [Asterisk-Users] Phones that work well through NAT > > On Saturday 15 April 2006 22:37, C F wrote: > > That is until you run into problems, while they do work, I wouldn't > > say that Polycoms work EXEPTIONALLY well, Cisco, and SPA > work *MUCH* > > better. > > Can you detail some problems? Just about any off-the-shelf > router seems to work with these. There may be some cheap-ass > broken routers you can get for > $5 which will not work, but all of the brand-name stuff I've > tried Just Works, which is why I say they work exceptionally well. > > -A. > _______________________________________________ > --Bandwidth and Colocation provided by Easynews.com -- > > Asterisk-Users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > > > _______________________________________________ --Bandwidth and Colocation provided by Easynews.com -- Asterisk-Users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
