<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Auto nat isn't or the commercial env. Its for the small office / home office.<div><br></div><div>/b</div><div><br><div><div>On Jan 11, 2011, at 8:36 PM, Rupa Schomaker wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><span class="Apple-style-span" style="border-collapse: separate; font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; ">Again, I would say block the ports at your router. Or block them with<br>a host-based firewall on the server.<br><br>On Tue, Jan 11, 2011 at 12:22 PM, Alex Wang <<a href="mailto:hadyn_whx@hotmail.com">hadyn_whx@hotmail.com</a>> wrote:<br><blockquote type="cite">Hi Brian<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">I think you misunderstood me on this, what I want to say is not every<br></blockquote><blockquote type="cite">PBX will face to the public, even in the commercial environment, the PBX<br></blockquote><blockquote type="cite">may not need open 5060-5080 to the public, but the sip session will need<br></blockquote><blockquote type="cite">upnp to automatically map the port. My question is how to handle this<br></blockquote><blockquote type="cite">kind of situation. Just -nonat and map all the other port?<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">Thanks<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">Alex<br></blockquote><blockquote type="cite">On Tue, 11 Jan 2011 11:06:56 -0600<br></blockquote><blockquote type="cite">Brian West <<a href="mailto:brian@freeswitch.org">brian@freeswitch.org</a>> wrote:<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite"><blockquote type="cite">start FreeSWITCH with -nonat .. I can NOT and will NOT change in the way it works. If you want to manage your mappings yourself do so... I'm not going to cripple the autonat to not AUTO nat.<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">/b</blockquote></blockquote></span></blockquote></div><br></div></body></html>