> On Fri, 2009-06-12 at 10:03 -0400, Scott Lawrence wrote: > What isn't supported or tested is having two members of an HA cluster > behind two different NATs. If what you have is two different systems > (different SIP domain names) configured to talk to each other via > site-to-site links, being behind two different NATs can be made to > work > (with the usual NAT hassles, of course). > > On Tue, 2009-06-16 at 11:39 -0400, Matt Keys wrote: > > Scott, > > Can you clarify this? Lets say server A is behind a NAT but in the > DMZ. A new branch office will have server B also behind a NAT. You're > saying they must be in different SIP domains? HA isn't available > without VPN or similar connectivity?
That is not a configuration that we expect to work (and at this time would not consider it a bug if it didn't). (Note that "in the DMZ" is not a statement that has a well-defined meaning, which just scratches the surface of the ambiguities in this problem space) There are a bunch of interactions between systems in an HA cluster. Making them all work through NATs would be a lot of work. More importantly, setting up and maintaining a regression test process that ensured that remained true as we modify and extend those interactions would be an even bigger job. By contrast, setting up a VPN between those same two sites so that the systems did not have to worry about it is something that can be done using well supported off the shelf technology. _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users sipXecs IP PBX -- http://www.sipfoundry.org/
