[c-nsp] iChat AV and Cisco CBAC/NAT
Jared Mauch
jared at puck.nether.net
Thu Mar 15 16:18:29 EST 2007
On Thu, Mar 15, 2007 at 04:58:02PM -0400, Rodney Dunn wrote:
> On Thu, Mar 15, 2007 at 03:35:43PM -0500, Church, Charles wrote:
> > Rodney,
> >
> > We were instructed to use:
> >
> > no ip nat service sip tcp port 5060
> > no ip nat service sip udp port 5060
> >
> > by TAC to fix an issue with NAT between Cisco phones and a Broadsoft IP
> > softswitch. That fixed our issue of phones not registering correctly.
>
> That just turns off sip translation for embedded payload information.
> If your end stations require that SIP may fail.
>
> > The thing that bothered me was that the default according to the docs
> > was that NAT payload correction (for lack of a better term) wasn't
> > supposed to be enabled by default.
>
> It is.
>
> Back when I had Vonage a year ago,
> > it worked flawlessly with various home routers, which don't touch the
> > payload. Since it seems that most ATAs/phones and softswitches these
> > days seem to work with non payload correction NAT, wouldn't it make
> > sense for a NATing device in the middle to no longer touch the payload?
>
> If that were the case I do agree with you. But I'm not a SIP expert so
> I can't comment on what devices would or would no work if the embedded
> information isn't translated correctly.
Use a $50 linksys, or some non-cisco consumer device from
best-buy and you'll be better off than your expensive ios router
in this case it seems ;)
seems like a huge test escape to me :)
or they're only testing their SIP with their own products, ie
CallManager which doesn't fully conform so they're not seeing the diverse
universe of sip products out there..
- jared
--
Jared Mauch | pgp key available via finger from jared at puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
More information about the cisco-nsp
mailing list