[ previous ] [ next ] [ threads ]
 From:  "William " <William at carterobservatory dot org>
 To:  "m0n0wall list" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] SIP protocol madness
 Date:  Thu, 26 May 2005 11:13:49 +1200
Unfortunately, there are many, many phone systems out there, either
being sold new or still in use (SIP phones can be expensive!) that do
not support NAT traversal due to their implementations of SIP.  In fact,
the only phones I've seen personally either support only SIP, and can't
traverse, or support SIP and a proprietary NAT discovery system that
changes modes when behind NAT and going outside the local net.
Personally, I'd like to have the capability to use both types behind
m0n0wall - it can be much cheaper getting hold of older phones, which
can be important for a non-profit organisation for example.

On Thursday, 26 May 2005, Lee Azzarello wrote:
>On Wed, 2005-05-25 at 14:34 +1200, William wrote:
>> I've had some difficulty finding a firewall (aside from Cisco PIX) 
>> that fixes up SIP packets traversing NAT.
>I'm using m0n0 as the standard firewall/traffic shaper for Asterisk
installations with SIP telephones. Both Asterisk and >the telephones I'm
working with have internal functions to rewrite the SIP headers to get
through NAT. I haven't had to touch anything in the m0n0 configuration.
>Are there some telephones which won't rewrite their headers to
accomodate NAT? It seems that the mythical SBC that many companies sell
for a bazillion dollars aren't doing much more than this.