08-19-2011 07:04 AM
i have traffic on a private ip range sending sip traffic that is being natted to another range on a cisco router. how do i get the nat router to change the ip address embedded in the sip to the nat address.
08-20-2011 12:50 AM
You can use the command
ip nat service sip udp port 5060
It's enabled by default.
More info here: http://www.cisco.com/en/US/docs/ios/12_2t/12_2t8/feature/guide/ftnatsip.html
Regards.
08-21-2011 11:57 PM
Hi Daniele,
Thanks. But this is already enabled.
This is my present config and show ver.
sh ver
Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9_NPE-M), Version 15.0(1)M2, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Wed 10-Mar-10 22:27 by prod_rel_team
ROM: System Bootstrap, Version 15.0(1r)M6, RELEASE SOFTWARE (fc1)
NORF50IPT1 uptime is 1 day, 23 hours, 26 minutes
System returned to ROM by reload at 11:21:52 MSD Sat Aug 20 2011
System image file is "flash0:c1900-universalk9_npe-mz.SPA.150-1.M2.bin"
Last reload type: Normal Reload
Last reload reason: Reload Command
interface GigabitEthernet0/0
description link to Avaya PBX
ip address 146.30.106.250 255.255.255.252
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 192.168.211.106 255.255.255.0
ip accounting output-packets
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
ip nat service allow-multipart
ip nat inside source static 192.168.1.10 192.168.211.106 route-map ipt
access-list 1 permit 192.168.1.0 0.0.0.255
route-map ipt permit 10
match ip address 1
here is the output from a debug ip nat sip:-
*Aug 22 10:57:26 MSD: NAT: map match ipt
*Aug 22 10:57:26 MSD: mapping pointer available mapping:0
*Aug 22 10:57:26 MSD: NAT: New entry added to map hash table
*Aug 22 10:57:26 MSD: NAT: i: tcp (192.168.1.10, 52435) -> (192.168.111.2, 5060)
*Aug 22 10:57:26 MSD: NAT: created edit_context (192.168.1.10,52435) -> (192.168.111.2,5060)
*Aug 22 10:57:26 MSD: NAT: s=192.168.1.10->192.168.211.106, d=192.168.111.2
*Aug 22 10:57:26 MSD: NAT: o: tcp (192.168.111.2, 5060) -> (192.168.211.106, 52435)
*Aug 22 10:57:26 MSD: NAT: s=192.168.111.2, d=192.168.211.106->192.168.1.10
NORF50IPT1#
*Aug 22 10:57:52 MSD: NAT: map match ipt
*Aug 22 10:57:52 MSD: mapping pointer available mapping:0
*Aug 22 10:57:52 MSD: NAT:refcount increased to entry in map hash table
*Aug 22 10:57:52 MSD: NAT: i: tcp (192.168.1.10, 45661) -> (192.168.111.2, 5060)
*Aug 22 10:57:52 MSD: NAT: created edit_context (192.168.1.10,45661) -> (192.168.111.2,5060)
*Aug 22 10:57:52 MSD: NAT: s=192.168.1.10->192.168.211.106, d=192.168.111.2
*Aug 22 10:57:52 MSD: NAT: o: tcp (192.168.111.2, 5060) -> (192.168.211.106, 45661)
*Aug 22 10:57:52 MSD: NAT: s=192.168.111.2, d=192.168.211.106->192.168.1.10
I cannot see it changing the embedded ip in the sip.
08-22-2011 11:21 AM
NAT process translates the source inside address in the outside address.
NAT listens on the default SIP port 5060 to translate the SIP messages. If the SIP inside user agent uses a port other than the default port, that port needs to be configured using the ip nat service sip command.
eg: ip nat service sip tcp port 52435
In your traces SIP user agent uses 52435 and 45661 tcp ports.
If your SIP user agent uses a dynamic ports range you must configure every single port.
Regards.
08-22-2011 10:58 PM
Hi,
I think you are reading this the wrong way around. The traffic comes from 192.168.1.10 gets natted to 192.168.211.106 then goes to 192.168.111.2.
In the trace the destination port, going to 192.168.111.2, is 5060.
Cheers
Tony
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide