Sipura SPA behind NAT ~~~~~~~~~~~~~~~~~~~~~ The Sipura had problems running behind nat with a netted address. It would often loose incomming or outgoing audio. Putting the Sipura on an external IP means that it can not benefit from firewall rules. Giving it a piblic IP which is static natted seems to work well. Here is a sample configuration that works with a FreeBSD gateway. +---------------------------------------------+ | Gateway Machine | +---------------------------------------------+ | | +--> | a.b.c.e (Existing Addresses Usage) | The Internet --+ | | +--> | a.b.c.s (Static NAT to 192.168.0.Sipura) | | Block tcp traffic with ipfw | | Static NAT this IP to Internal IP | | | | | | 192.168.0.1 | +------+--------------------------------------+ | | +------------------+------------------+-----------... | | | 192.168.0.Sipura 192.168.0.PC_1 192.168.0.PC_2 a.b.c.e = Public IP Address a.b.c.s = Public IP Address for Sipura /etc/firewall.rules ~~~~~~~~~~~~~~~~~~~ # 00100 Rule 1 # 00200 Rule 2 # # Do not let any tcp traffic out from the Sipura to its Public IP (Outbound) 00300 add deny tcp from any to a.b.c.s # # 00400 Rule 4 # 00500 Rule 5 # # Anything that is not blocked is diverted to natd 00600 add divert natd all from any to any via ed1 # # 00700 Rule 7 # 00800 Rule 8 # etc /etc/natd.conf ~~~~~~~~~~~~~~ # Rule 1 # Rule 2 # Sipura traffic sent/received via dedicated public address redirect_address 192.168.0.Sipura to a.b.c.s # Rule 4 # Rule 5