[Freeswitch-users] NAT issues and "best practices"

Sean Devoy sdevoy at bizfocused.com
Thu May 31 22:10:59 MSD 2012


HI All,

 

I have a customer location that has just been a nightmare to implement.  I
am just learning that they "may" have multiple NAT routers in sequence at
their location.  I think I fully understand what NAT is trying to
accomplish. There seem to be different levels and approaches.  

 

The most basic NAT setup (to me)  is a HOME LAN with multiple PCs where NAT
allows multiple devices to share a single routable IP address on the WAN
side from multiple local devices the LAN side.  Note I said OUTBOUND
initiated connections.  Even FTP can have trouble with this level.  Almost
all inbound traffic is blocked for security.

 

Clearly for FS we need the switch to be able to punch through from the WAN
to specific local IPs on the LAN to reach specific phones.  This is INBOUND
NAT and brings up many security issues for people.  Even on devices where
you get this "working" you may only be able to support one line per phone or
a single inbound connection at a time.

 

I understand NAT has PMP and UPnP protocols and FS "supports" both.  What I
can't find is where someone says "Here is a great setup that works with
cheap, available "commodity" hardware from Cisco/Linksys that supports all
the NAT you need for FS."  I don't care if it is PMP or UPnP and I might not
even care why you pick one over the other, although it is probably a "good
read".

 

Can someone just stand up say "FS works GREAT with the XYZ router in ABC
mode from MY COMPANY using NAT to Cisco phones"?

 

I have seen some articles about Freeware/Shareware firmware in this devices,
but as a novice I want to limit the unknowns until I get more up to speed.

 

My specific issue now is that I cannot get SCA to work at the NAT location.
I issued: 

sofia_contact 220 at mydomain.com

sofia/external/sip:200@<ip address>:44234,sofia/external/sip:200@<same
ip>:1024

 

Only one phone rings on inbound and the line indicator light does not change
when either is picked up.  Same configuration is working on our LAN with the
switch.

 

I am absolutely ready to by a router to fix these issues, I don't want to
lose this customer.

 

Thanks for your thoughts,

Sean

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20120531/ccc242b0/attachment.html 


Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list