> Were having the same problem, but the other way around. > > We have some SIP UA's behind a NAT firewall. > This problem only applies to a particular brand of TA's, the others > (Cisco ATA's) works fine.
For those that might be using firewalls (regardless of vendor), keep in mind that some boxes implement NAT (network address translation), some PAT (port address translation), and some do both. Most of the Linksys boxes (as one example only) do PAT, which causes the "first" session to function properly but subsequent sessions fail. There are a ton of folks that have had issues with PAT, but the issues are rather difficult to diagnose without a sniffer. (Example: user workstation runs an app that starts on udp:5400. The second occurance of the app from the inside edge of this box, possibly from a different workstation, attempts to use the same udp:5400. The outside edge of the box already has udp:5400 in use, therefore the second occurence invokes the PAT function mapping the user to another udp sorce port. Needless to say, the second occurance will fail "if" the app is expecting to/from traffic on a specific port.) Note also these firewall boxes frequently use unusual table timeout values for udp NAT & PAT. Since there is no "session" (as there are in tcp), the firewall box must use some preset timeout value that essentially removes the udp table entries after some period of inactivity. The PIX firewall, as an example only, has a rather lengthy timeout while others "could be" as short as 5, 10, 15 seconds. The timeout value is not well published for most of the cheap boxes. Therefore, before jumping to a conclusion that would suggest one piece of voice-over equipment is better/worse then others through a firewall, one might want to obtain a sniffer trace of the packet flows to validate actual activity. _______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users