Thanks for the explanation. After looking at it further, I realized you need to create network rule that would take care route relationship from dmz, where sipx server is, to internal network, where client it. Also, on the sipx server, I needed to add route entry to route through internal gateway when sending packets to internal client.
Works great. ----- Original Message ---- From: Scott Lawrence <[email protected]> To: roman gelfand <[email protected]> Cc: [email protected] Sent: Wednesday, June 17, 2009 10:10:54 PM Subject: Re: [sipx-users] NAT Traversal On Wed, 2009-06-17 at 15:34 -0700, roman gelfand wrote: > My envionment is > > wan ---- cisco firewall ----- dmz ------- microsoft isa firewall ----------- > internal network > > > My sipx server sits in dmz. The client or xlite softphone sits in internal > network. > > I understand how sip and rtp traffic hits sipx server originating from x-lite. > > How does sipx server know how and where to send sip and rtp traffic to x-lite? That's what the REGISTER is for - it provides a mapping from the identity (from the To header) to a Contact address. When the REGISTER is received, the proxy detects whether or not the received address and port match those in the SIP signaling, and if not it annotates the Contact with the data needed to reverse the path. If the microsoft isa firewall is 'sip aware', it may do incompatible things (the only thing worse than not compensating for NATted addresses is compensating for them twice)... I don't know anything about that product. You'll probably have to put sniffers on both networks so that you can compare all the SIP messages and see what's not working. _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users sipXecs IP PBX -- http://www.sipfoundry.org/
