Archived from groups: comp.dcom.voice-over-ip (More info?)
This is probably obvious to most people who really know NAT and SIP
but for others who are stumbling around just trying to make things
work, here's my story.
I have a bunch of Sipura SPA-2000 (dual FXS) devices. I've been
giving them to friends in order to see what good we can make of
them. Until now I had not tried making a call to one of the
devices behind NAT.
I started testing calls to a NAT device at home from a server out
on the 'net. The SPA device was registered and configured with
"nat=yes" but calls were failing with 404 errors. At first I
thought it was just that I needed to call some special extension
in the SPA.
A little network traffic sniffing showed that even though I'd told
Asterisk that the device is behind NAT, it was trying to send calls
to port 5060 on the public IP address. That was reaching my home
Asterisk server which generated the 404.
So...more reading...I found this paper on SIP and NAT.
http://corp.deltathree.com/technology/nattraversalinsip.pdf
Skimming it I noticed
The proxy needs to return SIP packets on the same port it
received them to the IP
ort that the packets were sent
from (not to any standard SIP port, e.g. 5060). SIP has
tags that tell the proxy to do this -- the "received" tag
tells the proxy to return a packet to a specific IP and
the "rport" tag [2] keeps the port to return to.
Ah ha! I recalled "rport" in the NAT part of the SPA's SIP page.
I experimented and found that all I needed to do was switch
"Insert VIA rport" to "On" to make it work.
--kyler
This is probably obvious to most people who really know NAT and SIP
but for others who are stumbling around just trying to make things
work, here's my story.
I have a bunch of Sipura SPA-2000 (dual FXS) devices. I've been
giving them to friends in order to see what good we can make of
them. Until now I had not tried making a call to one of the
devices behind NAT.
I started testing calls to a NAT device at home from a server out
on the 'net. The SPA device was registered and configured with
"nat=yes" but calls were failing with 404 errors. At first I
thought it was just that I needed to call some special extension
in the SPA.
A little network traffic sniffing showed that even though I'd told
Asterisk that the device is behind NAT, it was trying to send calls
to port 5060 on the public IP address. That was reaching my home
Asterisk server which generated the 404.
So...more reading...I found this paper on SIP and NAT.
http://corp.deltathree.com/technology/nattraversalinsip.pdf
Skimming it I noticed
The proxy needs to return SIP packets on the same port it
received them to the IP
ort that the packets were sentfrom (not to any standard SIP port, e.g. 5060). SIP has
tags that tell the proxy to do this -- the "received" tag
tells the proxy to return a packet to a specific IP and
the "rport" tag [2] keeps the port to return to.
Ah ha! I recalled "rport" in the NAT part of the SPA's SIP page.
I experimented and found that all I needed to do was switch
"Insert VIA rport" to "On" to make it work.
--kyler
Facebook
Twitter
Instagram