Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
892
Views
15
Helpful
5
Replies

NAT for Call Manager

Humayun.sami_2
Level 1
Level 1

‎09-24-2010 05:59 AM - edited ‎03-16-2019 12:59 AM

Is it recommended to use NAT on VoIP. I have two seperate cluster one for cisco call manager and other for Avaya. We are integrating both the setups(h323). Is it ok to use NAT. Can someone provide me a document which helps in this reference.

For what reason people do not recommend it in the network, or is it the same that you do not register your call managers with the domain server. Look forward to hear.

Regards,

Humayun Sami.

Labels:
0 Helpful
5 Replies 5

paolo bevilacqua
Hall of Fame
Hall of Fame

‎09-24-2010 06:36 AM

No, it is NOT OK to use NAT for Voip and / or CM.

If you do that, you will run into many, many problems, and realize a poor design.

Steven Holl
Cisco Employee
Cisco Employee

‎09-24-2010 06:49 AM

If you can get by with not using NAT, it is preferred from the perspective of having less complexity, hence less things to go wrong.

That being said, NAT should work fine.  There are some gotchas with SCCP v17 and NAT on some platforms, though.  And there's an IOS NAT bug that it can't handle multiple c lines.

If you need to hide addresses between sites, you could use a CUBE with media flow-through.

Joseph Martini
Cisco Employee
Cisco Employee
In response to Steven Holl

‎09-24-2010 12:07 PM

To add to that, many 3rd party devices are lacking SCCP support for inspection when doing NAT.  While some 3rd parties can inspect SCCP packets their support is almost always behind what Cisco devices will support (in terms of newer SCCP versions).

Humayun.sami_2
Level 1
Level 1
In response to Steven Holl

‎09-26-2010 10:24 PM

Thank everyone, I have a question here, lets say that we can get it to work with using NAT. I wanted to understand the design that how does the IP to IP (Call Manager to Manager) and phone to phone connectivity works. As in my knowledge we have separate IP’s for Call Manager. My question is in respect to the RTP session establishment.

I understand it with that we can provide NAT’d addresses to Call Managers, how will the Phone work here. Even if we have NAT’d the phones subnet as well. To create RTP session phones will definitely have direct session established. Can you please make me understand the design working here in regards to the phone communication and RTP session establishment.

Regards,
Humayun Sami

0 Helpful

Steven Holl
Cisco Employee
Cisco Employee
In response to Humayun.sami_2

‎09-27-2010 05:50 AM

So keep in mind that typically media won't go through CM, and the media will be directly between the IP phones or phone and gateway for calls.  Unless you invoke an MTP for the call, in which each side will talk to the MTP.

The only time NAT needs to come into play here is:

* If one of the endpoints is on the other side of the NAT boundary.  The RTP addresses and media information in the SCCP packet need to be inspected.


* If CM is on the other side of the NAT boundary, so that the media information in the SCCP packet contains an address which the endpoint is able to reach.

Essentially, just make sure that every device doing NAT where SCCP or RTP traffic traverses has the capability to do SCCP fixup/inspection.  Which typically means it needs to be a Cisco device, since SCCP isn't an open standard, so most companies don't support NAT fixup/inspection with SCCP.

Customers Also Viewed These Support Documents