James Knott wrote:
On 2019-08-15 03:17 AM, Per Jessen wrote:
The NAT is done with keep-alive traffic or with a STUN server, I don't think one works better than the other. As I mentioned, I am not aware of any of my installations having been behind a CGN, but I fail to see the significance. Basically, if you can browse a website from behind layers of NAT and CGN, the VoIP telephone will also work.
The problem is that VoIP is supposed to work directly end to end. NAT breaks that.
In my experience, that is a theorical problerm. In practice, the problem has been solved. It works. In my case for at least 10 years.
So, first off, the firewall NAT has to be configured to pass the incoming UDP packets to the phone. Then, STUN has to be used, as the address contained in the UDP packets is for the phone, not the firewall. Since that's going to be an RFC1918 address, it can't be used. Instead a STUN server is used to provide the actual public firewall address. This is a hack to get around NAT. Now with CGN, you cannot configure the NAT to provide the appropriate address to get to the phone, which is on the other side of another NAT. On top of that, you'd need another layer of STUN and I don't know that's supported.
James, in what I describe, never once didn't anyone touch the router config, NAT'ing, firewall nor anything else. That would have been far too involved, likely would have required sending someone out to do it. Anyway, we're already way off-topic again. -- Per Jessen, Zürich (18.6°C) http://www.cloudsuisse.com/ - your owncloud, hosted in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org