At 10:37 AM 8/24/2004, Richard wrote:
Hi all,
It was a good discussion. Although I didn't find out any consumer router/firewall working with NAT ping, I had some surprisingly good finding.
Before this whole nat ping and binding refreshing issue, I always think a better solution is SIP aware NAT, i.e. ALG. I didn't find any good device because most ALG router/firewalls were used to be high-end and relatively expensive. Also many ALG implementation, e.g. fixup protocol in cisco PIX have some serious flaws to be usable.
Hi Richard,
I'm not entirely happy I am so frequent disagreement initiatior in this thread but I don't like ALGs too much either. They have a bunch of issues, primarily they don't work with security and secondly they have a high potential for misimplementing the application logic. This has turned out to be true in quite many cases in the past. (Nevertheless good to hear there is a working linksys product.)
-jiri