[Serusers] nat_ping problems

Hi all, Following up on my post a couple days ago; http://lists.iptel.org/pipermail/serusers/2004-June/008936.html I have now tested with rtpproxy/nathelper and mediaproxy and I seem to be having the same results. As of now my test environment is as follows; I have two networks, 192.168.123.0/24 SER server 192.168.100.0/24 UAC (Grandstream HardPhone) Currently I have a D-Link NAT router separating both networks. I have SER (CVS checkout from HEAD as of ~22nd June) running on FreeBSD 5.2.1-R I have had the same issue with both Maxims nathelper/rtproxy and Adrians mediaproxy. The below traces are from mediaproxy, as my most recent testing has been done here. I would like to have done the same analysis with nathelper/rtpproxy but I live under time constraints... 09:48:06 Register From UAC through NAT to ser Completed 09:48:44 UDP Ping Ser -> Nat Firewall -> UAC 09:49:44 UDP Ping Ser -> Nat Firewall -> UAC 09:50:45 UDP Ping Ser -> Nat Firewall -> UAC 09:51:45 UDP Ping Ser -> Nat Firewall -> XXXXX 09:52:46 UDP Ping Ser -> Nat Firewall -> XXXXX 09:53:47 UDP Ping Ser -> Nat Firewall -> XXXXX 09:54:47 UDP Ping Ser -> Nat Firewall -> XXXXX . . . . . 10:12:58 UDP Ping Ser -> Nat Firewall -> XXXXX Example of two UDP packet from SER to Nat Firewall: 09:48:44.151998 bottom.example.com.5060 > dlinknat.example.com.60408: udp 4 [tos 0x10] 0x0000 4510 0020 7c7d 0000 4011 8627 c0a8 7b65 E...|}..@..'..{e 0x0010 c0a8 7b62 13c4 ebf8 000c 8800 0000 0000 ..{b............ 0x0020 0000 0000 0000 0000 0000 0000 0000 .............. 09:49:44.752972 bottom.example.com.5060 > dlinknat.example.com.60408: udp 4 [tos 0x10] 0x0000 4510 0020 7c83 0000 4011 8621 c0a8 7b65 E...|...@..!..{e 0x0010 c0a8 7b62 13c4 ebf8 000c 8800 0000 0000 ..{b............ 0x0020 0000 0000 0000 0000 0000 0000 0000 .............. Example of the two corresponding UDP packets inside the NAT Firewall from NAT Firewall to the UAC 09:48:44.199818 bottom.example.com.5060 > 192.168.0.101.5060: udp 4 [tos 0x10] 0x0000 4510 0020 7c7d 0000 3f11 0225 c0a8 7b65 E...|}..?..%..{e 0x0010 c0a8 0065 13c4 13c4 000c db32 0000 0000 ...e.......2.... 0x0020 0000 0000 0000 0000 0000 0000 0000 .............. 09:49:44.807148 bottom.example.com.5060 > 192.168.0.101.5060: udp 4 [tos 0x10] 0x0000 4510 0020 7c83 0000 3f11 021f c0a8 7b65 E...|...?.....{e 0x0010 c0a8 0065 13c4 13c4 000c db32 0000 0000 ...e.......2.... 0x0020 0000 0000 0000 0000 0000 0000 0000 .............. Here is an example of two packets that get sent from SER to the NAT Firewall but never get past the NAT firewall. 10:18:01.579051 bottom.example.com.5060 > dlinknat.example.com.60408: udp 4 [tos 0x10] 0x0000 4510 0020 8193 0000 4011 8111 c0a8 7b65 E.......@.....{e 0x0010 c0a8 7b62 13c4 ebf8 000c 8800 0000 0000 ..{b............ 0x0020 0000 0000 0000 0000 0000 0000 0000 .............. 10:19:02.179829 bottom.example.com.5060 > dlinknat.example.com.60408: udp 4 [tos 0x10] 0x0000 4510 0020 8198 0000 4011 810c c0a8 7b65 E.......@.....{e 0x0010 c0a8 7b62 13c4 ebf8 000c 8800 0000 0000 ..{b............ 0x0020 0000 0000 0000 0000 0000 0000 0000 .............. It appears that the NAT firewall stops transmitting the packets, nor does it reject them, they just silently get dropped, and ser just continues to send them with no idea if they are getting through or not. If I set the phone to a very low register time then everything works fine, as it keeps the nat mapping current, and I can make calls from outside the nat to the UAC on the inside. I have attached my current config (mediaproxy) file. Finally, I have had the same problems while Cisco IOS, and a cheap U.S. Robotics (Lucent based I think) for natting, which makes me assume that this is not a nat router specific issue. Is there something basic I'm missing here? How have people made this configuration work? Is there anyone actual using nathelper/rtpproxy or mediaproxy in production? If anyone wants more specific debug information then just let me know! :) Thanks for your help, -Jev