-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Anyone else tried this? We nat most of our customers, some one-to-one,
most one-to many... VPN's are no problem and till the other day
voip/sip hasn't. Along comes speakeasy... They tested with one
system but installed another. Guess what, didn't work. The double nat
(ours and their ApLayerGateway) gave them the wrong address in their ALG
for the outside. Apparently the setting in their gateway made no
difference. Speakeasy asked us to mangle the datagram to put in the
right address and we decided not to. So the IT support team for the
customer decided to fool the ALG by putting another router in front of
the ALG acting like the net with it's outside address in our 10 net
space and the inside with an address in our outside range so the ALG
could have it's outside address on the wan port like it's directly on
the net.
Guess what... Looks like it's working. Still more testing to do, but
any thoughts about this? Something obvious we are overlooking?
Thanks,
Robert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJNdZL3AAoJEC+8HUjSuDOs+SUH/2hEcYIX4T5epHeDo+Jy4Bbl
eJJ+s6jh/4+wsqQiKsQyVk3aL7gCaabNVN7PP7/PtWmpmWc+X6jkAJAuXIIOg6Fa
ndA4I+RjanoFWADqq8AV9qvJM/4WWaKSqOUXCYFPOKZq4v/2aySjXx1hsa18LcM8
bt3Qup5zG7Aib8qHAyl0+Iim8OOoU0e5euWSBhnJaA006cT51yCTYLLAXjXyNXZd
OKrUZbFpe9SSuto2i3S+L9NUGlFVG+Fkhq40wEvoA9SBStyo9V327yPRncnJRXsj
PGdM2sbyeZ99qP3J+GKZmB+nYc04o9GEPvI3BdVBALwFKfhmKZ2jsnfLamPO55E=
=mnhf
-----END PGP SIGNATURE-----
_______________________________________________
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
