Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
481
Views
0
Helpful
4
Replies

how to NAT SIP address with firewall

mohammad saeed
Level 5
Level 5

‎02-02-2016 10:50 AM - edited ‎03-18-2019 05:31 AM

Hi Guys,

I am little bit confused, I have Telepresense Codec20 and I need to be able to make a remote session, and I have public ip address for internet and I have SIP IP server address from Service provider, how can I simply be able to make a remote call with another telepresence. 

DO I need to NAT the public IP address or SIP server IP address in my firewall?

Thanks for you guys,

Mohammad Saeed

Labels:
0 Helpful
4 Replies 4

Acevirgil de Ocampo
Level 7
Level 7

‎02-02-2016 11:57 AM

If your endpoint is registered as SIP on the Service provider, the service provider should allow you to dial public IP addresses or using SIP URI addresses.

Also if you need to secure your endpoint, you need to NAT the public IP address.

You may refer to the ports needed to open on your firewall:

https://supportforums.cisco.com/sites/default/files/legacy/7/3/1/46137-IP%20%26%20SIP%20Ports%20For%20Firewalls.pdf

You need also to enable NAT on the endpoint. Refer to page 74 on this guide.

http://www.cisco.com/c/dam/en/us/td/docs/telepresence/endpoint/quick-set-sx20/tc7/administration-guide/sx20-quickset-administrator-guide-tc73.pdf

regards,

Acevirgil

0 Helpful

mohammad saeed
Level 5
Level 5
In response to Acevirgil de Ocampo

‎02-02-2016 11:57 AM

So I think it's better to use SIP server IP address to be NAT, I have Internet GW 2951 before the fortigate firewall, Do I need to do NAT in the router as well ?

0 Helpful

Acevirgil de Ocampo
Level 7
Level 7
In response to mohammad saeed

‎02-02-2016 11:00 PM

How is you endpoint deployed on your network? Is it configured with public IP address and have a SIP URI registered to a SIP server hosted by your service provider? If yes, no need for you to NAT the SIP server IP address since remote endpoints will not contact you on that address. They will reach your endpoint by dialing its IP address (if reachable on internet) or SIP URI (if resolvable on the DNS).

The only address you need to NAT is the IP address of your endpoint. Relocate your endpoint on the LAN and give a private IP then NAT it with a public IP address.

regards,

Acevirgil

0 Helpful

mohammad saeed
Level 5
Level 5
In response to Acevirgil de Ocampo

‎02-04-2016 02:28 AM

Actually I connected with my network and call locally by internal extension, but now I am planning to make call remotely, do you have some document explain how to do that, I tried to ping to SIP server IP address from Internet gateway but doesn't reached but I can ping from Voice Gateway! 

I need to know what shall I do in my CUCM 8.6 , Fortigate firewall, Internet GW and Voice GW.

If you have some documents can help about that!

I am very thankful for you friend :-)

Mohammad Saeed

0 Helpful
Customers Also Viewed These Support Documents