<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1276" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY><FONT face="Courier New" size=2>
<DIV><BR>-----BEGIN PGP SIGNED MESSAGE-----<BR>Hash: SHA1</DIV>
<DIV> </DIV>
<DIV>I thing that I didn't put myself very clear... Let me try an
ASCII-Diagram... ;)</DIV>
<DIV> </DIV>
<DIV> UA1 ---- public IP ---- Internet ------ ADSL/GW ------
UA2<BR> (Win Mes)
(dialup) |
| (IPTables) (Win
Mes)<BR>
|
|<BR>
/-----/
\-----------\<BR>
|
|<BR>
Router(NAT) ADSL/Win
(Windows)<BR>
|
|<BR> UA3
------------+
|<BR> (Win
Mes)
|
UA4 (Win
Mes)<BR>
SER</DIV>
<DIV> </DIV>
<DIV><BR>What I'm looking for is a Proxy to put in the ROUTER-Machine (could be
a Linux/IPTables, FreeBSD, etc):</DIV>
<DIV> </DIV>
<DIV>I undestand what Jan explain, about the complications, and that's why I was
asking about an "inteligent" Proxy to handle SIP traffic.</DIV>
<DIV> </DIV>
<DIV>Suppose that UA3 wants to talk with UA2 (were the ADSL/GW should have
SIProxd installed). The communications flow would be
UA3-SER-Router-Internet-ADSL/GW-UA2. Ok, in the Router appears the first
challenge (how to transverse the NAT, keeping track from the flow?). Here comes
the SIP-Proxy in action. It recieves the packet from SER, make desired changes
and forward it through "Internet" to ADSL/GW. There, the SIProxyd recieves the
packet, apply the related changes and forward it to UA2. Great. Is what we want.
</DIV>
<DIV> </DIV>
<DIV>The reverse, that is, when UA2 (or UA1, or UA4) wants to talk with UA3
becomes the great challenge. How should the Proxy, in Router, knows where to
send the packets that arrive from Internet? To SER? Directly to UA3? It's hard
to make the decision.</DIV>
<DIV> </DIV>
<DIV>The Proxy had to have many from a SIP-Server functionalities. It has to
maintain flows tables with users-ID, ports and servers IP used in each
communication flow (other infos could help in other tasks, but I thing that
these one are the minimum), so that it could decide to whom send each packet
from each flow.</DIV>
<DIV> </DIV>
<DIV>So, do I make my doubts/points clear to You? If my understand is wrong,
sorry and please correct me where necessary.</DIV>
<DIV> </DIV>
<DIV>Edson.</DIV>
<DIV> </DIV>
<DIV>P.S.: In my scenario there is no SER-2-SER communications, but another
problem would be having two (or more) sites like the "Router" one. How to make
than communicate each other through NAT GW/FW?</DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV>- ----- Original Message ----- <BR>From: "Adrian Georgescu" <<A
href="mailto:ag@ag-projects.com">ag@ag-projects.com</A>><BR>To: <<A
href="mailto:serusers@lists.iptel.org">serusers@lists.iptel.org</A>><BR>Sent: Thursday,
January 29, 2004 8:00 AM<BR>Subject: [Serusers] SER + Proxy + NAT</DIV>
<DIV> </DIV>
<DIV><BR>> Edson,<BR>> <BR>> Putting a NAT traversal solution behing
NAT is a chicken and eg <BR>> problem, isn't it?<BR>> <BR>> --<BR>>
Adrian<BR>> <BR>> <BR>> <BR>> Hi all...<BR>> <BR>> I look
through the list's archives, but an not finding info to help me.<BR>>
<BR>> The goal is use SER but not instaled in the GW/FW (it's not an <BR>>
acceptable<BR>> option, well it's acceptable, but not for now). So I'm trying
to put <BR>> the SER<BR>> in the Internal LAN (it could be installed in a
DMZ also). So the <BR>> question<BR>> is if there is any proxy that could
be putted on the GW/FW to handle<BR>> incomming calls (INVITEs) and forward
it correctly to the SER machine <BR>> taken<BR>> over the NAT
issues?<BR>> <BR>> I already look at SIProxd and RTProxy, but the first
didn't forward<BR>> incomming calls, and the second demands that it be
instaled, with SER <BR>> on the<BR>> GW/FW. I also am looking at
SERMediaProxy (RTProxy alternative) but the<BR>> documentations aren't
sufficient detailed to answer my question. Any <BR>> help<BR>> would be
appreciated.<BR>> <BR>> Edson.<BR>> <BR>> </DIV>
<DIV> </DIV>
<DIV><BR>-
--------------------------------------------------------------------------------</DIV>
<DIV> </DIV>
<DIV><BR>> _______________________________________________<BR>> Serusers
mailing list<BR>> <A
href="mailto:serusers@lists.iptel.org">serusers@lists.iptel.org</A><BR>> <A
href="http://lists.iptel.org/mailman/listinfo/serusers">http://mail.iptel.org/mailman/listinfo/serusers</A><BR>>
<BR>-----BEGIN PGP SIGNATURE-----<BR>Version: PGP 8.0</DIV>
<DIV> </DIV>
<DIV>iQA/AwUBQBkkYDdMQB7Du1dpEQLGiQCfcjklZxwiAtG+rj+rKqCpKIORLA0AoOZF<BR>oBf1QhqGvX67oZ14W127mCxl<BR>=oB8Y<BR>-----END
PGP SIGNATURE-----<BR></FONT></DIV></BODY></HTML>