the number of global IP addresses required in a private network (global IP addresses are
only used to connect to the Internet) and (2) better network security by hiding the internal
architecture.
The design of SIP creates a problem for VoIP traffic to pass through NAT. SIP uses IP
addresses and port numbers in its message body. However, the NAT server is unable to
modify the SIP messages and thus, can’t change local addresses to global addresses.
This section discusses the device's solutions for overcoming NAT traversal issues.
11.8.1 Device Located behind NAT
Two different streams traverse through NAT - signaling and media. A device located
behind a NAT, that initiates a signaling path has problems receiving incoming signaling
responses as they are blocked by the NAT server. Therefore, the initiating device must
inform the receiving device where to send the media. To resolve this NAT problem, the
following solutions are provided by the device, listed in priority of the selected method used
by the device:
a. If configured, uses an external STUN server to assign a NAT address to all interfaces
- see .Configuring STUN on page 125.
b. If configured, uses the single Static NAT IP address for all interfaces - see 'Configuring
a Static NAT IP Address for All Interfaces' on page 126.
If NAT is not configured by any of the above-mentioned methods, the device sends the
packet according to its IP address configured in the Multiple Interface table.
The figure below illustrates the NAT problem faced by the SIP networks where the device
is located behind a NAT:
Figure 11-9: Device behind NAT and NAT Issues
11.8.1.1 Configuring STUN
Simple Traversal of UDP through NATs (STUN), based on RFC 3489 is a client / server
protocol that solves most of the NAT traversal problems. The STUN server operates in the
public Internet and the STUN clients are embedded in end-devices located behind NAT.
To Next Page
Loading...
Need help?
General
