AudioCodes Mediant 800B User Manual page 157

User's Manual
the SIP dialog are sent using the IP address in the Contact header, and responses to
INVITEs are sent using the IP address in the Via header. To enable or disable the device's
NAT Detection mechanism, use the 'SIP NAT Detection' parameter.
If necessary, you can also configure the device to always consider incoming SIP INVITE
messages as sent from endpoints that are located behind NAT. When this is enabled, the
device sends responses to the INVITE (to the endpoint), using the the source IP address of
the packet (INVITE) initially received from the endpoint. This is especially useful in
scenarios where the endpoint is located behind a NAT firewall and the device (for whatever
reason) is unable to identify NAT using its regular NAT Detection mechanism. This feature
is enabled per specific calls using IP Groups. To configure this feature, use the 'Always
Use Source Address' parameter in the IP Group table (see ''Configuring IP Groups'' on
page 349). If this feature is disabled, the device's NAT detection is according to the settings
of the global parameter, 'SIP NAT Detection' parameter.
12.10.2.2 Media (RTP/RTCP/T.38)
When a remote UA initiates a call and is not located behind a NAT server, the device
sends the RTP (or RTCP, T.38) packets to the remote UA using the IP address:port (UDP)
indicated in the SDP body of the SIP message received from the UA. However, if the UA is
located behind NAT, the device sends the RTP with the IP address of the UA (i.e., private
IP address) as the destination, instead of that of the NAT server. Thus, the RTP will not
reach the UA. To resolve this NAT traversal problem, the device offers the following
features:

First Incoming Packet Mechanism - see ''First Incoming Packet Mechanism'' on page
157

RTP No-Op packets according to the avt-rtp-noop draft - see ''No-Op Packets'' on
page 158
The figure below illustrates a typical network architecture where the remote UA is located
behind NAT:
12.10.2.2.1 First Incoming Packet Mechanism
In scenarios where the remote user agent (UA) resides behind a NAT server, it's possible
that the device, if not configured for NAT traversal, will send the media (RTP, RTCP and
T.38) streams to an invalid IP address / UDP port (i.e., private IP address:port of UA and
not the public address). When the UA is located behind a NAT, although the UA sends its
private IP address:port in the original SIP message (INVITE), the device receives the
subsequent media packets with a source address of a public IP address:port (i.e., allocated
by the NAT server). Therefore, to ensure that the media reaches the UA, the device must
send it to the public address.
Version 7.0
Figure 12-12: Remote UA behind NAT
157 Mediant 800B Gateway and E- SBC
12. Network