[Serusers] NAT ping and consumer router
Jiri Kuthan
jiri at iptel.org
Tue Aug 24 11:02:17 CEST 2004
At 10:37 AM 8/24/2004, Richard wrote:
>Hi all,
>
>It was a good discussion. Although I didn't find out any consumer
>router/firewall working with NAT ping, I had some surprisingly good finding.
>
>Before this whole nat ping and binding refreshing issue, I always think a
>better solution is SIP aware NAT, i.e. ALG. I didn't find any good device
>because most ALG router/firewalls were used to be high-end and relatively
>expensive. Also many ALG implementation, e.g. fixup protocol in cisco PIX
>have some serious flaws to be usable.
Hi Richard,
I'm not entirely happy I am so frequent disagreement initiatior in this thread
but I don't like ALGs too much either. They have a bunch of issues, primarily they
don't work with security and secondly they have a high potential for
misimplementing the application logic. This has turned out to be true
in quite many cases in the past. (Nevertheless good to hear there is
a working linksys product.)
-jiri
More information about the sr-users
mailing list