This Best Practice describes how NAT Traversal is enabled and configured within the SBC Edge, including guidelines for usage.
NAT Traversal (also known as RTP Latching) allows the SBC Edgeto register and communicate with SIP endpoints that are behind NAT routers. The most common example of using NAT Traversal is a SIP phone or soft-client behind a home gateway, communicating with an SBC on the public internet. The SIP Phone behind the NAT could not properly communicate with the SBC Edge, as the client used its local private address in SIP, but the SBC could not directly reach this address. NAT Traversal gives the SBC the ability to communicate with SIP endpoints behind NATs, regardless of the client's address.
In a typical network layout (see below), an SBC 1000 has both a public interface connected to the internet, and a private interface connected to the corporate network. A user's home network is also attached to the network with a NAT router and a SIP phone behind it. In this example, SIP requests arrive at the SBC from the Home SIP Phone wih the SIP Phone's private IP address (i.e., 192.168.10.2). With Inbound NAT Traversal enabled, the SBC 1000 can detect the public IP address (i.e. 18.104.22.168). Once this detection is made, all communication to this endpoint is sent to the public IP, rather than the private IP from the Home SIP Phone.
These instructions assume you are logged into the SBC Edge WebUI.
In the left navigation pane, go to SIP > NAT Qualified Prefix Tables.
Access the Inbound NAT Traversal options.
Do not confuse the Inbound NAT Traversal fields with the Outbound NAT Traversal fields in the SIP IP Details section. The Outbound NAT Traversal fields are used when the SBC is on the private side of a NAT device.
From the Detection drop down list, select Enable.
Configure optional fields (i.e, Secure Media Latching, Secure Media Netmask and Registrar Max. TTL Enabled). For field definitions, see Creating and Modifying SIP Signaling Groups.
The following are guidelines/recommendations for configuring and using the NAT Traversal feature.
We recommend that connecting NAT routers have SIP ALG disabled in order for NAT traversal to function properly.