-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Anyone else tried this? We nat most of our customers, some one-to-one, most one-to many... VPN's are no problem and till the other day voip/sip hasn't. Along comes speakeasy... They tested with one system but installed another. Guess what, didn't work. The double nat (ours and their ApLayerGateway) gave them the wrong address in their ALG for the outside. Apparently the setting in their gateway made no difference. Speakeasy asked us to mangle the datagram to put in the right address and we decided not to. So the IT support team for the customer decided to fool the ALG by putting another router in front of the ALG acting like the net with it's outside address in our 10 net space and the inside with an address in our outside range so the ALG could have it's outside address on the wan port like it's directly on the net. Guess what... Looks like it's working. Still more testing to do, but any thoughts about this? Something obvious we are overlooking?
Thanks, Robert -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJNdZL3AAoJEC+8HUjSuDOs+SUH/2hEcYIX4T5epHeDo+Jy4Bbl eJJ+s6jh/4+wsqQiKsQyVk3aL7gCaabNVN7PP7/PtWmpmWc+X6jkAJAuXIIOg6Fa ndA4I+RjanoFWADqq8AV9qvJM/4WWaKSqOUXCYFPOKZq4v/2aySjXx1hsa18LcM8 bt3Qup5zG7Aib8qHAyl0+Iim8OOoU0e5euWSBhnJaA006cT51yCTYLLAXjXyNXZd OKrUZbFpe9SSuto2i3S+L9NUGlFVG+Fkhq40wEvoA9SBStyo9V327yPRncnJRXsj PGdM2sbyeZ99qP3J+GKZmB+nYc04o9GEPvI3BdVBALwFKfhmKZ2jsnfLamPO55E= =mnhf -----END PGP SIGNATURE----- _______________________________________________ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS