Saturday, August 9, 2008

SIP NAT Traversal

So, you've got your fancy SIP phone system all setup and now you want to connect it to the outside world (to an ITSP or to another SIP PBX). Some may be lucky enough to have NAT traversal built in but many are not. Even if you do have NAT traversal built into your product, how secure is it? Does it support near-end and far-end NAT traversal?

What is the problem with SIP and NAT? It was detailed very well at freshmeat in a tutorial. NAT Traversal for the SIP protocol

In the sipX world we'll need to wait for release 4.0 for NAT traversal to be built in.

In the mean time here are some possible solutions.

Ingate - Ingate's Siparator or SIP firewalls are secure and reliable means of getting near and far-end NAT traversal. The remote NAT traversal is an option that allows for configuration-free (client side) NAT traversal or allows you to set it up as a STUN server. I've used Ingate's products many times and am very happy with their support and configuration options.

Edgewater Networks - I haven't had a chance to work with these products yet but their Edgemark line of equipment looks very promising for Internet edge connectivity.

OpenSBC - Seems to be one of the more popular choices in the open source world. I haven't tried it myself as I've really needed some commercially supported solution like the Ingate. If somebody has tried it please comment...

Others people like?

No comments: