Cisco Cisco Expressway
Figure 9 The Web UI for Creating a Static Route
The
xCommand RouteAdd
command and syntax, and the equivalent web UI, are described in full in the Expressway help
and the
Expressway Administrator Guide.
Background Information
The Challenge of NAT for SIP and H.323 Applications
When deploying an Expressway-E for business to business communications, or for supporting home workers and
travelling workers, it is usually desirable to deploy the Expressway-E in a NATed DMZ rather than having the
Expressway-E configured with a publicly routable IP address.
travelling workers, it is usually desirable to deploy the Expressway-E in a NATed DMZ rather than having the
Expressway-E configured with a publicly routable IP address.
Network Address Translation (NAT) poses a challenge with SIP and H.323 applications, as with these protocols, IP
addresses and port numbers are not only used in OSI layer 3 and 4 packet headers, but are also referenced within the
packet payload data of H.323 and SIP messages themselves.
addresses and port numbers are not only used in OSI layer 3 and 4 packet headers, but are also referenced within the
packet payload data of H.323 and SIP messages themselves.
This usually breaks SIP/H.323 call signaling and RTP media packet flows, since NAT routers/firewalls will normally
translate the IP addresses and port numbers of the headers, but leave the IP address and port references within the SIP
and H.323 message payloads unchanged.
translate the IP addresses and port numbers of the headers, but leave the IP address and port references within the SIP
and H.323 message payloads unchanged.
How Does Expressway-E Address This Challenge?
To ensure that call signaling and media connectivity remains functional in scenarios where the Expressway-E is
deployed behind a NAT, the Expressway-E will have to modify the parts of SIP and H.323 messages which contain
references to its actual LAN2 network interface IP address and replace these with the public NAT address of the NAT
router.
deployed behind a NAT, the Expressway-E will have to modify the parts of SIP and H.323 messages which contain
references to its actual LAN2 network interface IP address and replace these with the public NAT address of the NAT
router.
This can be achieved by enabling Static NAT mode on selected network interfaces on the Expressway-E. The Static
NAT mode feature on the Expressway-E is made available with the Advanced Networking option key.
NAT mode feature on the Expressway-E is made available with the Advanced Networking option key.
This option key allows the use of two network interfaces (LAN1 and LAN2) and for Static NAT mode to be enabled on
one or both of these interfaces. You do not have to use both interfaces, but we recommend that you do. If you choose to
use a single interface, and enable static NAT on that interface, read
one or both of these interfaces. You do not have to use both interfaces, but we recommend that you do. If you choose to
use a single interface, and enable static NAT on that interface, read
When static NAT has been enabled on an interface, the Expressway will apply static NAT for all outbound SIP and H.323
traffic for this interface, which means that H.323 and SIP devices have to communicate with this interface using the static
NAT address rather than the local interface address.
traffic for this interface, which means that H.323 and SIP devices have to communicate with this interface using the static
NAT address rather than the local interface address.
When the Advanced Networking key is installed on the Expressway-E, the IP configuration page (System > Network
interfaces > IP) has additional options, allowing the user to decide whether to Use dual network interfaces, to nominate
interfaces > IP) has additional options, allowing the user to decide whether to Use dual network interfaces, to nominate
46
Cisco Expressway-E and Expressway-C - Basic Configuration Deployment Guide