19 Apr
2007
19 Apr
'07
12:16 p.m.
Alexander Bergolth wrote:
Hi!
In our organization there are many subnets with public-ip-adresses that
are behind stateful-firewalls that prevent incoming connections from
outside. If the clients are in two different protected subnets, they
won't be able to communicate without an rtpproxy.
Unfortunately since there is no NAT involved, the nat_uac_test() won't
be useful. Is there any other way for the server to detect that an
rtpproxy has to be used?
No.
Is there a way for the clients to detect it and
report it to the server?
A client is possible to detect a symmetric firewall by use of STUN. But
AFAIK there is standard based way to inform the SIP proxy about the STUN
result. There are some clients which report the result of the STUN
process to the SIP proxy in a proprietary header (I think I have seen
this with SNOM). These header could be evaluated by the proxy.
The easy way would be to force the RTP proxy for all calls.
You could also check if a call is from and to a suspect IP address range
and acticvate the RTP proxy for these calls.
regards
klaus