[ previous ] [ next ] [ threads ]
 
 From:  Steve Yates <steve at teamITS dot com>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Consistent (predictive) NAT
 Date:  Tue, 15 Nov 2011 11:44:38 -0600 
A third question: we have an MSP application where agent software connects back to our office.  For
remote control purposes, the latest version introduced "tunnels" where the remote makes a UDP
connection to our system and uses that for VNC.  The connection is made but within a few seconds to
15 minutes it will stop responding to our clicks and keystrokes.  Their documentation includes this
comment:


- Routers typically need to use predictable NAT.  Almost all lower end units do this by default. 
Some higher end units use symmetric NAT and this is not compatible; however, most of these routers
have a setting to allow VOIP phones and once this is turned on, the tunnel will work. Always look at
the router configuration and look for Predictive NAT or VOIP settings and turn them on to see if
this fixes the issue.  Sonicwall has a VOIP setting that must be enabled for the tunnels to work. 
- Turn off SIP Transformations, Helpers and Proxies. 

What does m0n0wall use?

For comparison, they suggest turning off "Enable SIP Helper" in Untangle, and on Sonicwall check
"Enable Consistent NAT."

--
Thanks,

Steve Yates
ITS, Inc.