Simple Traversal Of Udp Through Nat; Sip-Nat Interoperation - Linksys SPA1001 Administrator User Manual

Technology Background
With symmetric NAT all requests from the same internal IP address and port to a specific destination IP
address and port are mapped to a unique external source IP address and port. If the same internal host
sends a packet with the same source address and port to a different destination, a different mapping is
used. Only an external host that receives a packet can send a UDP packet back to the internal host.

Simple Traversal of UDP Through NAT

Simple Traversal of UDP through NATs (STUN) is a protocol defined by RFC 3489, that allows a client
behind a NAT device to find out its public address, the type of NAT it is behind, and the port associated
on the Internet connection with a particular local port. This information is used to set up UDP
communication between two hosts that are both behind NAT routers. Open source STUN software can
be obtained at the following website:
http://www.voip-info.org/wiki-Open+Source+VOIP+Software
STUN does not work with a symmetric NAT router. To determine the type of NAT your router uses,
complete the following steps:
Enable debugging on the Linksys ATA:
Step 1
1.
2.
3.
4.
To determine the type of NAT your router is using set <STUN Test Enable> to yes.
Step 2
View the syslog messages to determine if your network uses symmetric NAT or not.
Step 3

SIP-NAT Interoperation

In the case of SIP, the addresses where messages/data should be sent to a Linksys ATA system are
embedded in the SIP messages sent by the device. If the Linksys ATA system is sitting behind a NAT
device, the private IP address assigned to it is not usable for communications with the SIP entities
outside the private network.
If the ITSP offers an outbound NAT-Aware proxy, this discovers the public IP address from the remote
Note
endpoint and eliminates the need to modify the SIP message from the UAC.
The Linksys ATA system must substitute the private IP address information with the proper external IP
address/port in the mapping chosen by the underlying NAT to communicate with a particular public peer
address/port. For this, the Linksys ATA system needs to perform the following tasks:
•
Linksys ATA Administrator Guide
1-12
Make sure you do not have firewall running on your PC that could block the syslog port (by default
this is 514).
On the administration web server, System tab, set <Debug Server> to the IP address and port number
of your syslog server.
Note that this address and port number has to be reachable from the Linksys ATA.
Set <Debug level> to 3 but you do not need to change the value of the <syslog server> parameter.
To capture SIP signaling messages, under the Line tab, set <SIP Debug Option> to Full. The output
is named syslog.514.log.
Discover the NAT mappings used to communicate with the peer.
This can be done with the help of an external device, such as a STUN server. A STUN server
Chapter 1 Introducing Linksys Analog Telephone Adapters
Document Version 3.1