Anybody do inbound NAT of SIP/TLS?
I know that with SIP there's a separate RTP data stream that has to be accounted for. But I've never dealt with SIP/TLS. Does the RTP portion of a call ride on the same TLS connection, or is there a different port involved?
Can anyone who's doing this give me the particulars?
Background:
We have an Asian business unit that is implementing a new Panasonic PBX. Part of the deal is a softphone app for their cell phones that can let them connect to the PBX over the internal wifi network, or, in theory, over the Internet.
It looks like I have two options for handling Internet connectivity to the PBX:
- Connect an interface on the PBX to the Internet and give it a public IP
- Do an inbound NAT of SIP/TLS on the local ASA to the PBX's internal IP address.
I'm not crazy about the first option. There's nothing that leads me to believe the PBX is secure enough to consider an Internet and internal connection. So, I'd like to do the inbound NAT.
There's no documentation from Panasonic, and the VAR that is installing the PBX is useless outside doing the basic setup.
The Panasonic PBX in question is apparently a Europe/Asia only model. Panasonic UK won't talk to me because I'm in the States, and Panasonic US won't even acknowledge that PBX exists, let alone talk to me about it.
No comments:
Post a Comment