Tom's Hardware > Forum > General Networking > VPN, VoIP, Video Conferencing, Remote Connections > iptables NAT and SIP VoIP

iptables NAT and SIP VoIP

Forum General Networking : VPN, VoIP, Video Conferencing, Remote Connections - iptables NAT and SIP VoIP

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
Anonymous   06-24-2005 at 07:16:45 PM

Archived from groups: comp.dcom.voice-over-ip (More info?)

 

Hi,

I've got Fedora 1.0 with iptables 1.3.1 as NAT server. This is my
setup:

-A POSTROUTING -o eth0 -j SNAT --to-source EXTERNAL_IP

I've got SIP IP phone on eth1, when I try to originate from it I see
the following:


STUN msg -> Int_ip:30000 -> STUN server:3478
STUN msg -> Ext_ip:30000 -> STUN server:3478
STUN msg -> STUN server:3478 -> Int_ip:30000

SIP msg Invite -> Int_IP:5060 -> SIP Server:5060
SIP msg Invite -> Ext_IP:5060 -> SIP Server:5060

SIP msg Trying -> Int_IP:5060 -> SIP Server:5060
SIP msg Trying -> Ext_IP:5060 -> SIP Server:5060

.... all regular stuff here...

and then when the RTP has to come:


RTP msg -> Terminating_GW:5190 -> Ext_IP:30000
ICMP msg -> Destination Unreachable
......

And here is the odd part:

RTP msg -> Int_IP:30000 -> Terminating_GW:5190
RTP msg -> Ext_IP:1026 -> Terminating_GW:5190

IPtables has changed the SRC port of the packet from 30000 to 1026 and
this is causing the NAT to drop the UDP packets from the Terminating_GW
to the SIP Phone.

I don't want to have static port maping to Int_IP...
I've read that iptables has to preserve the port "if possible" ... but
what does that mean?
Do you have any idea how can I change that behaviour?

Add a reply
Sponsored Links
Register or log in to remove.
Ask the community Add a reply
Tom's Hardware > Forum > General Networking > VPN, VoIP, Video Conferencing, Remote Connections > iptables NAT and SIP VoIP
Go to:

There are 1010 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.227 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
They won a badge
Join us in greeting them
  • 01:00 skythra won the Freshman badge
  • 01:00 Ckaz won the Freshman badge
  • 01:00 james59 won the Uniformed badge
  • 01:00 snarl won the Uniformed badge
  • 01:00 patlabor44 won the Uniformed badge
  • 01:00 Kiren won the Uniformed badge
  • 01:00 WookinPaNub won the Uniformed badge
  • 01:00 kwadams won the Uniformed badge
  • 21:57 brockh won the Sophmore badge
  • 01:00 xpax won the Freshman badge