In this section:

Related articles:

Use the NAT Traversal window to configure NAT traversal settings for SIP trunk groups. This section describes the various parameters associated with network-hosted NAT/NAPT traversal for SIP endpoints.

To View and Edit NAT Traversal Parameters

On the SBC main screen, go to Configuration > System Provisioning > Category: Trunk Provisioning > Trunk Group > SIP Trunk Group > Services > NAT Traversal. The NAT Traversal window displays.

Use the drop-down lists to select the desired Address Context, Zone and SIP Trunk Group. The Edit NAT Traversal window displays.


Reference the following parameters table when configuring the NAT traversal settings for the trunk group, and then click Save.

Parameter

Length/Range

Description

Signaling NAT

N/A

Indicates whether or not NAT/NAPT support is required for signaling. 

  • Disabled (default)
  • Enabled

Note
The SBC Core does not support NAT traversal for IPv6 calls. Ensure NAT is disabled in pure IPv6 call scenarios.

Media NAT

N/A

Specifies whether or not NAT/NAPT support is required for media. 

  • Disabled (default)
  • Enabled
Note

Do not configure Media NAT and Ice Support flags on the same trunk group.

Note
The SBC Core does not support NAT traversal for IPv6 calls. Ensure NAT is disabled in pure IPv6 call scenarios.

Learn NAT For Rtp Only

N/A

Enable flag to learn media NAT from the first RTP packet only. If disabled, media NAT is learned from any first packet received. For egress trunk groups, this flag is applicable only if Dynamic LRBT flag is disabled. If Dynamic LRBT is enabled, NAPT learning occurs on arrival of RTP packet until the call is connected, at which point Learn NAT For Rtp Only applies even for egress Trunk Groups. 

  • Disabled (default) 

  • Enabled

Note

The action of this flag does not apply to ICE NAT traversal.

Ice Support

N/A

This parameter indicates the type of Interactive Connectivity Establishment (ICE) method used for STUN packet check.

  • Ice Webrtc - This setting is used when inter-working with WebRTC Gateways, for example the Ribbon WebRTC Gateway or in situations when the SBC is presented with an ICE SDP from a WebRTC-enabled endpoint.

Note

When configured for this mode, SBC acts as a generic ICE-Lite agent.

  • Ice Lync - This is used when inter-working with a Microsoft Lync 2010 or 2013 client.
  • Ice Full - This is used when inter-working with a full ICE client which requires a STUN connectivity check to be generated by the SBC in response to its own STUN connectivity check.
Note

For MS Lync ICE (Ice Lync setting), keep-alive messages are sent only to the RTP port.

Note

Ribbon recommends to avoid configuring both Media Nat and ICE Support on the same Trunk Group because these configurations are independent mechanisms for solving NAT traversal issues. Because of of this, these configurations should not coexist on the same Trunk Group.

Note

The parameter, Learn NAT For Rtp Only, does not apply to ICE and should not be enabled for the Trunk Group with ICE Support enabled.

The SBC's ICE support capability is not supported for GW-GW call scenarios.

Refer to SDP Support for a detailed description on Ice Support.

Ice Keepalive Timer

0-60

Specifies the keep alive timer in full-ICE and MS-Lync ICE. The value ranges from 0 to 60 seconds and the default value is 15 seconds.

Note

The Ice Keepalive Timer appears only when the Ice Support flag is set to Ice Full or Ice Lync.

Ice Trickle

N/A

Trickle ICE is a mechanism that allows ICE agents to shorten session establishment delays by making the candidate gathering and connectivity checking phases of ICE non-blocking and by issuing them in parallel. This allows starting the call setup procedure to the SBC before all candidates have been gathered by the user agent so that additional candidates can be sent to the SBC in subsequent INFO and/or offer and answer messages.Use this flag to enable Trickle Ice support for the trunk group.

  • Disabled (default)
  • Enabled


Before using this feature in production, fully verify the functionality in the lab.

TCP Keepalive Timer

15-65535

This NAT TCP keep-alive timer sets the registration refresh rate (in seconds) for SIP over TCP.

(default = 240)

UDP Keepalive Timer

15-65535

This NAT UDP keep-alive timer sets the registration refresh rate (in seconds) for SIP over UDP.

(default = 60)

Outbound Tcp Keepalive Timer

0-32767

The NAT outbound keepalive timer (in seconds) for SIP over TCP for SIP outbound-supported UAs (RFC 5626).

(default = 240) 

Outbound Udp Keepalive Timer

0-32767

The NAT outbound keepalive timer (in seconds) for SIP over UDP for SIP outbound-supported UAs (RFC 5626).

(default = 60) 

Secure Media NAT Prefix

0-32

Use this parameter to match up to 'N' bits of the network IPv4 address obtained from signaling. If set to "0", feature is disabled, and no match of network IP address will occur. 

(default = 0)

Ice TCP Role

N/A

Use this flag to specify if SBC initiates the TCP connection for ICE Lync.

  • Passive (default): The SBC waits for the peer to initiate the TCP connection. Use this option when working directly with Lync endpoints.
  • Active:  Use this option for the SBC to initiate the TCP connection when connected to internal-facing trunk groups where the peer is not behind the NAT. Also, use this option when working with certain Unified Communication (UC) servers such as Acano which expect the peer to initiate the TCP connection. This is only supported when there are no NATs between the SBC and the UC server.
Note

Ice TCP Role appears only when the Ice Support flag is set to Ice Full or Ice Lync.

Refer to Configuring SBC and LYNC in Media Environment for configuration details.

Disable Media NAT If Same Media And Sig IP

N/A

Enable this flag to disable Media NAT if Media and Signaling IP addresses are identical. 

  • Disabled (default)
  • Enabled