To allow Direct Media between NAT devices, or between NAT and Non-NAT devices, the following configuration is necessary.
Direct Media with NAT will not work under following conditions:
- If the
addressContext
name of both the endpoints does not match - If Direct Media Group ID's do not match (Ensure the
directMediaGroupId
is identical on both Trunk Groups) - For a Lawful Intercepted call
For SIP Direct Media calls, if you enable SIP Trunk Group level flag directMediaAllowed
and the Packet Service Profile level flag useDirectMedia
, the SBC supports a maximum of four media lines in the received INVITE. If the number of media lines exceeds four, the SBC fails to perform due to error conditions.
Configuring Direct Media Between Endpoints Behind the Same NAT
ACCESS SIDE:
- At SIP Trunk Group Level
directMediaAllowed
enableddirectMediaAllowedBehindNat
enabled
- At Packet Service Profile Level
-
useDirectMedia
enabled
-
CORE SIDE (towards Application Server):
- At IPSP Level
sendDirectMediaInfoInSdpAttribute
enabled
- At Packet Service Profile Level
useDirectMedia
enabled
The dmNatPrefix
table is not required to create as the endpoints are behind the same NAT.
Configuring Direct Media Between Endpoints Behind the Different NAT
ACCESS SIDE:
- At SIP Trunk Group Level
directMediaAllowed
enableddirectMediaAllowedBehindNat
enabledsdpTransparencyState
disabled
- At Packet Service Profile Level
useDirectMedia
enabled
CORE SIDE (towards Application Server):
- At IPSP Level
sendDirectMediaInfoInSdpAttribute
enabled
- At Packet Service Profile Level
useDirectMedia
enabled
- At Address Context Level
- Creating the table
dmNatPrefix
onaddressContext
- Adding the signaling IP Address of NAT Box, which can have direct media among them.
- Creating the table
Configuring Direct Media Between Endpoints Behind the NAT and Non-NAT Endpoint
This is an occasional scenario where an endpoint behind NAT can have Direct Media with endpoint not behind NAT. However, if such a case exists, SBC exchanges the media IPs of such devices, while the actual exchange of media depends on the network.
ACCESS SIDE:
- At SIP Trunk Group Level
directMediaAllowed
enableddirectMediaAllowedBehindNat
enabledsdpTransparencyState
disabled
- At Packet Service Profile Level
useDirectMedia
enabled
CORE SIDE (towards Application Server):
- At IPSP Level
sendDirectMediaInfoInSdpAttribute
enabled
- At Packet Service Profile Level
useDirectMedia
enabled
- At Address Context Level:
- Creating
dmNatPrefix
onaddressContext
- Adding signaling IP Address of,
- NAT Box
- Endpoint signaling IP not behind NAT.
- Creating
The CLI syntax to enable Direct Media with NAPT on Trunk Group is as follows:
% set addressContext <name> zone <name> sipTrunkGroup <TG-Name> media directMediaAllowedBehindNapt <disable|enable>
The CLI syntax to group the endpoint signaling IP addresses for which to allow Direct Media with NAPT is as follows:
% set addressContext <name> natDirectMediaGroup <groupName> dmNatPrefix <IpV4_Address> <prefixLen>
Related articles: