[c-nsp] Cisco 867 SIP & NAT
Brian Turnbow
b.turnbow at twt.it
Wed Jan 9 04:17:38 EST 2013
HI ,
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Chuck Church
> Sent: mercoledì 9 gennaio 2013 03:52
> To: 'Andrew Yager'; cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Cisco 867 SIP & NAT
>
> You can configure a maximum number of NAT entries:
>
> http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt_natrl
> .html
> #wp1046625
>
> Alternatively (and probably better) you could turn down the UDP and TCP
> NAT timeouts. The defaults are really long, a day for TCP without a
> FIN/RST, and 5 minutes for UDP.
Keep in mind that in SIP your UDP nat timeout should be higher than the registration refresh/keep alive interval you are using.
Otherwise you phone will register, the nat session will timeout , and you will be unable to receive calls.
Disable SIP nat alg for both udp and tcp, and if unable to do so use a non standard port to bypass it.
I've yet to find one that really works....
Regards
Brian
---
This e-mail is intended only for the addressee named above.
As this e-mail may contain confidential or privileged information,
if you are not the named addressee, you are not authorized to retain, read,
copy or disseminate this message or any part of it.
Please consider your environmental responsibility before printing this e-mail.
More information about the cisco-nsp
mailing list