[Serusers] Problem with ATA186 and NAT (Linksys).
Andrei Pelinescu-Onciul
pelinescu-onciul at fokus.fraunhofer.de
Sat Jun 5 09:35:45 CEST 2004
On Jun 04, 2004 at 18:21, Tom Lowe <tom at comprotech.com> wrote:
>
> I actually tried that once, but I tried it again just to be sure.
>
> My linksys is LAN side is 192.168.51.X. So my Linksys is 192.168.51.1
> and my ATA is 192.168.51.153. I put 192.168.51.1 in the NATIP field.
> It worked....so to prove that's the solution, I removed it, and it still
> works. So that's not the solution.
>
> Out of curiosity, Can anyone say what this NATIP field actually
> accomplishes? Asterisk doesn't require you to populate that field with
> anything.
>
> My understanding of the mechanics behind NAT is that, if the router
> receives a request for a port that is already mapped to another user, it
> will assign a new port. That's what was happening here. 5060 was
> already mapped to another user (I believe a softphone on my PC), so it
> used 15060.
>
> So, it sends to SER 5060 from 15060. SER should respond to 15060 from
> 5060, Router will tranlate the 15060 to 5060 and deliver it to my ATA.
> The problem was that SER was sending to 5060 instead of 15060.
No, ser should respond to the port in Via, or if rport is present to the
source port of the packet.
Your CISCO ATA doesn't include rport (it seems they don't support it),
Solution: in your ser.cfg nat block add force_rport() (this will force
ser to behave as if rport was present).
>
> I suspect that the original mapping in the router expired, so now it's
> using 5060 instead of 15060, which is allowing it to work.
>
> So, to test this theory, I fired up XTEN on my PC. Sure enough, it's
> mapping another, but now, SER is responding with the proper port.
Because xten includes rport in its Via.
>
> I'm wondering if that section of code in my ser.cfg file that is calling
> the nathelper commands if the originator is an ATA is actually causing
> damage rather than fixing things? (I got that code from someone else
> who suposedly got this all working with ATA behind a NAT) I'm going to
> have to wait until this mapping times out again to try it back around
> the other way.
You should have a section dealing with all kinds of natted UACs, not
only ATA. See nat_uac_test(...), it can test in various ways if an
icoming request is comming from behind a nat.
Andrei
More information about the sr-users
mailing list