[Freeswitch-users] OT: Snom phones reporting incorrect port in Contact/Via
Michael Jerris
mike at jerris.com
Thu Apr 15 06:39:41 PDT 2010
The one requested? you seem to be indicating that the firewall uses different nat mappings for inbound vs outbound. When using rport, it doesn't matter what the local port on the phone is. The phone make a connection to the outside world, the firewall maps it to some port, we don't care what. When we respond, we respond to the port we got it from, and we tell the guy that port. it doesn't matter what port the client or anyone else thought it was, it only matters what the firewall chose.
Mike
On Apr 15, 2010, at 3:15 AM, Jonas Gauffin wrote:
> It doesnt make sense. But the fact is that the FW/router assigns another port than the requested one.
>
> I found a setting in latest firmware for snom which disables rport. But when turned off, it stops using the external IP that stun found. Turning off RPORT should not turn of external ip detection, right?
>
> My FS server is on a public IP. Can I tell FS to always send replies to received-ip instead of the one specified in the request (if the specified ip is a RFC1918 ip?)
>
> On Wed, Apr 14, 2010 at 9:36 PM, Michael Jerris <mike at jerris.com> wrote:
> This does not make any sense. It limits outbound connections based on source port? rport would make us tell the guy the port he DID come from, so the nat mapping is in place and working because we got the packet from that port.
>
> On Apr 14, 2010, at 10:50 AM, Jonas Gauffin wrote:
>
>> Most of my customers have forwarded ports in their firewalls/routers. Those ports will not be used if rport is turned on.
>>
>> I currently got a problem with a customer who is using an old Windows 2000 server as firewall/router. It wont let packets through when using rport. It would work if rport was turned off and all communication was done using the configured port.
>>
>> On Wed, Apr 14, 2010 at 3:53 PM, Brian West <brian at freeswitch.org> wrote:
>> You want rport otherwise NAT HELL will begin.
>>
>> /b
>>
>> On Apr 14, 2010, at 8:11 AM, Jonas Gauffin wrote:
>>
>> > Well, yes. But snom can only turn off rport through provisioning and only in the latest firmware.
>> >
>> > It would be great if it could be turned off in FS too, per user account.
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20100415/7115d6d8/attachment.html
More information about the FreeSWITCH-users
mailing list