Solved

TURN Server Behind Firewall

Posted on 2013-01-07
6
547 Views
Last Modified: 2013-01-18
Hello,

i published a TURN Server ( LAN IP : 192.168.1.10 ) via ASA (using public IP : 10.10.10.2)
and allowed TCP/UDP ports 3478 & 3479.

i.e, TURN (192.168.1.10) --- ASA ---10.10.10.2 (internet ip)

- when one voip client from behind symetric NAT and one client from our office LAN can able to register to VOIP server with TURN settings

ex: for client behind symetric NAT  -  10.10.10.2 (TURN Server )
      for Client in LAN                        -   192.168.1.10 (TURN Server)

dialing from both clients is working. but, after call establishment there is only one way media.
i.e, from LAN voip Client to client behind symetric NAT.


when i use wireshark to capture packets. TURN Server is not forwarding packets to Public Client (to client behind NAT using it's Published IP address i.e 10.10.10.2 ), insted it's forwarding packets to Firewall (ASA - 10.10.10.1)

can any body help me to resolve this issue.


Thanks,
Rafi
0
Comment
Question by:hellosoft
  • 3
  • 3
6 Comments
 
LVL 20

Accepted Solution

by:
agonza07 earned 500 total points
ID: 38752483
0
 

Author Comment

by:hellosoft
ID: 38753633
Thanks agonza07,

i already did those things which shown in above links but,  iam facing issues after that.

i have several voip server (sip servers) hosted in same manner, i don't have any issue with those .

i am having issue with TURN Server.

any more ideas suitable for above described scenario.
0
 
LVL 20

Expert Comment

by:agonza07
ID: 38754957
Upload your config so we can check it out. Make sure to remove any public IP info.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:hellosoft
ID: 38754980
you are asking TURN Server Config file !! right
0
 
LVL 20

Expert Comment

by:agonza07
ID: 38755000
I'm sorry, no, your ASA config.
0
 

Author Closing Comment

by:hellosoft
ID: 38792533
Did get exact solution but, links are knowledge giving.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question