Solved

TURN Server Behind Firewall

Posted on 2013-01-07

1 solution

594 Views

Last Modified: 2013-01-18

Hello,

i published a TURN Server ( LAN IP : 192.168.1.10 ) via ASA (using public IP : 10.10.10.2)
and allowed TCP/UDP ports 3478 & 3479.

i.e, TURN (192.168.1.10) --- ASA ---10.10.10.2 (internet ip)

- when one voip client from behind symetric NAT and one client from our office LAN can able to register to VOIP server with TURN settings

ex: for client behind symetric NAT - 10.10.10.2 (TURN Server )
for Client in LAN - 192.168.1.10 (TURN Server)

dialing from both clients is working. but, after call establishment there is only one way media.
i.e, from LAN voip Client to client behind symetric NAT.

when i use wireshark to capture packets. TURN Server is not forwarding packets to Public Client (to client behind NAT using it's Published IP address i.e 10.10.10.2 ), insted it's forwarding packets to Firewall (ASA - 10.10.10.1)

can any body help me to resolve this issue.

Thanks,
Rafi

Comment

Question by:hellosoft

[X]

Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

Help others & share knowledge
Earn cash & points
Learn & ask questions

Join The Community

6 Comments

LVL 20

Accepted Solution

by:agonza07

agonza07 earned 500 total points

ID: 387524832013-01-07

You need to do double nat.

http://routerjockey.com/2012/09/28/asa-double-nat-in-8-4/

http://www.xerunetworks.com/2012/03/asa-8-38-4-double-natsource-destination-nat-migration-lab-guide-lab-1-4/

Author Comment

by:hellosoft

ID: 387536332013-01-07

Thanks agonza07,

i already did those things which shown in above links but, iam facing issues after that.

i have several voip server (sip servers) hosted in same manner, i don't have any issue with those .

i am having issue with TURN Server.

any more ideas suitable for above described scenario.

LVL 20

Expert Comment

by:agonza07

ID: 387549572013-01-08

Upload your config so we can check it out. Make sure to remove any public IP info.

Author Comment

by:hellosoft

ID: 387549802013-01-08

you are asking TURN Server Config file !! right

LVL 20

Expert Comment

by:agonza07

ID: 387550002013-01-08

I'm sorry, no, your ASA config.

Author Closing Comment

by:hellosoft

ID: 387925332013-01-18

Did get exact solution but, links are knowledge giving.

Featured Post

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Cloud disaster recovery mistakes your organization might be making. (As appeared in Cloud Computing Magazine)

Article by: Concerto Cloud

When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.

Cisco 40GB QSFP ports & QSFP-4SFP-CU1M cables explained

Article by: Rob

This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…

Live Webinar Part 1- Top Ten Winning Strategies to Partnership in the Cloud

Video by: Concerto Cloud

Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

NetCrunch network monitor live walk-through

Video by: AdRem

NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…