Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.
TURN Server Behind Firewall
Hello,
i published a TURN Server ( LAN IP : 192.168.1.10 ) via ASA (using public IP : 10.10.10.2)
and allowed TCP/UDP ports 3478 & 3479.
i.e, TURN (192.168.1.10) --- ASA ---10.10.10.2 (internet ip)
- when one voip client from behind symetric NAT and one client from our office LAN can able to register to VOIP server with TURN settings
ex: for client behind symetric NAT - 10.10.10.2 (TURN Server )
for Client in LAN - 192.168.1.10 (TURN Server)
dialing from both clients is working. but, after call establishment there is only one way media.
i.e, from LAN voip Client to client behind symetric NAT.
when i use wireshark to capture packets. TURN Server is not forwarding packets to Public Client (to client behind NAT using it's Published IP address i.e 10.10.10.2 ), insted it's forwarding packets to Firewall (ASA - 10.10.10.1)
can any body help me to resolve this issue.
Thanks,
Rafi
i published a TURN Server ( LAN IP : 192.168.1.10 ) via ASA (using public IP : 10.10.10.2)
and allowed TCP/UDP ports 3478 & 3479.
i.e, TURN (192.168.1.10) --- ASA ---10.10.10.2 (internet ip)
- when one voip client from behind symetric NAT and one client from our office LAN can able to register to VOIP server with TURN settings
ex: for client behind symetric NAT - 10.10.10.2 (TURN Server )
for Client in LAN - 192.168.1.10 (TURN Server)
dialing from both clients is working. but, after call establishment there is only one way media.
i.e, from LAN voip Client to client behind symetric NAT.
when i use wireshark to capture packets. TURN Server is not forwarding packets to Public Client (to client behind NAT using it's Published IP address i.e 10.10.10.2 ), insted it's forwarding packets to Firewall (ASA - 10.10.10.1)
can any body help me to resolve this issue.
Thanks,
Rafi
Who is Participating?
Thanks agonza07,
i already did those things which shown in above links but, iam facing issues after that.
i have several voip server (sip servers) hosted in same manner, i don't have any issue with those .
i am having issue with TURN Server.
any more ideas suitable for above described scenario.
i already did those things which shown in above links but, iam facing issues after that.
i have several voip server (sip servers) hosted in same manner, i don't have any issue with those .
i am having issue with TURN Server.
any more ideas suitable for above described scenario.
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
http://routerjockey.com/2012/09/28/asa-double-nat-in-8-4/
http://www.xerunetworks.com/2012/03/asa-8-38-4-double-natsource-destination-nat-migration-lab-guide-lab-1-4/