How to configure NAT so that the user can login all situati


#1

hi,
I know the NAT=yes setting means the user must be behind NAT.And the setting value of no is no behind NAT.But the user always change their situation ,sometimes behind NAT ,sometimes not.How to solve the problem? And how to configure the NAT value in channel so that the user can login at every situation neighter behind NAT or not? Because some business always roam out and online without NAT.Thanks.


#2

Hi David,

I’ve been thinking about this one for a client who wants his sales reps to run softphones off their laptops maintaining the same ext no: wether they are in or out of the office.

What I’m going to try for a test is placing the * server in a DMZ so there is access from both the public facing and lan subnets using the same client config settings regardless of location.

The x-lite softphones will be configured to connect to the SIP server using a DNS name that is valid from both sides (I’d previously set up split-brain DNs for the client).

When one of the sales reps starts up x-lite, the program looks for voipbx.companyname.com. From outside the company this name resolves to a public ip address which then goes to the DMZ address.

From the LAN this resolves to the DMZ address which the firewall will have the route to.

Using this approach should allow for the settings on the client software to stay the same regardless of location.

Currently the sales reps vpn on site to access the VoIP server but this has caused isses with client sites who prevent dynamic outbound VPN connections but are happy to allow outbound sip connections.

Does this sound of any use ?


#3

Thanks for your reply.
I think you do not understand what I said.I have put my server in public.That is the server have a public ip address.I mean that the extensions configured in server are not dynamic.If the extension is configured with NAT=yes.That is the user login must be behind NAT.If he online is not behind NAT,he will not login my server.I must solve the problem.That is i want to the user neither behind NAT or not can login my server with the same account.Thanks.


#4

Hi guys. Look if you put nat=yes it seems to work in all conditions. All it does it tells server to ignore(not to ignore but leave it with no computation) the address and to send all packs just to address it receives them form, nothing else. So it just sends the packets just to address it received them from. That’s it.


#5

Thanks your reply.
Is it different value DOMAIN/REALM setging behind NAT or not?I know domain setting is the client public address.So if the client change public address or chnage NAT enviroment from yes to no,how should the DOMAIN/REAML setting be modified?