Most likely the invite is not detected as NATed by your config and force_rport and fix_nated_contact (which will solve your problem) are not called.
If you use stun, it behaves badly. If not, you have an ALG in front of the UA.
g-)

------- Original message -------
From: İlker Aktuna (Koç.net) <ilkera@koc.net>
Sent: 9.4.'07,  9:32

> Hi,
>
> I have a working configuration on my SER server. Most of the users can make calls (both way incoming and outgoing) with no problem.
> However, I have some clients that can't make calls.
> When I analyze these by ngrep and/or tcpdump, I see that the SER server does not reply the packet on the correct port.
>
> For example, I have a testing client which is behind NAT.
> The client sends INVITE message from UDP port 3023 to port 5061 of my SER.
> (cseq number is 1)
> SER exchanges the message with the uplink sip gateway and when it receives a "OK" response it forwards this message to the client's NAT IP address BUT on a different port (14640) with correct cseq number (1)
>
> Of course, this new port is not open on the NAT router and it does not reach the client.
>
> I see that the first INVITE message has Contact field with internal IP address of the client and the port number as 14640.
> So the SER server sends the returning message to the external IP address with internal port number.
>
> How can I fix this issue ?
>
> I can send the configuration of my SER server if that would help to find the problem.
>
> Thanks,
> ilker
> _____________________________________________________________________________________________________________________________________________
> Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor olabilir. Eger bu e-posta mesaji size yanlislikla ulasmissa,  icerigini hic bir sekilde kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen e-posta mesajini kullaniciya hemen geri gonderiniz  ve  tum kopyalarini mesaj kutunuzdan siliniz. Bu e-posta mesaji, hic bir sekilde, herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para karsiligi satilamaz.  Bu e-posta mesaji viruslere karsi anti-virus sistemleri tarafindan taranmistir. Ancak yollayici, bu e-posta mesajinin - virus koruma sistemleri ile kontrol ediliyor olsa bile - virus icermedigini garanti etmez ve meydana gelebilecek zararlardan dogacak hicbir sorumlulugu kabul etmez.
> This message is intended solely for the use of the individual or entity to whom it is addressed , and may contain confidential  information. If you are not the intended recipient of this message or you receive this mail in error, you should refrain from making any use of the contents and from opening any attachment. In that case, please notify the sender immediately and return the message to the sender, then, delete and destroy all copies. This e-mail message, can not be copied, published or sold for any reason. This e-mail message has been swept by anti-virus systems for the presence of computer viruses. In doing so, however,  sender  cannot warrant that virus or other forms of data corruption may not be present and do not take any responsibility in any occurrence.
> _____________________________________________________________________________________________________________________________________________
> _______________________________________________
> Serusers mailing list
> Serusers@lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers