Getting around NAT (for media)
Table of Contents
Problems with NAT will cause no packets are getting received, either by local or remote party. Below are general guide to get around the NAT problem.
Use STUN and/or TURN and/or ICE
One of the obvious reason why no incoming packet is received is because
the application sends private IP address as its RTP address. This can be
verified by looking at the SDP
c= line that is sent by the
If the SDP
c= line contains private address, then probably you need
to use STUN or TURN. You can enable STUN support in pjsua by using
--stun-srv option from the command line. For example:
$ ./pjsua --stun-srv stun.pjsip.org
Another example to use TURN and ICE:
$ ./pjsua --use-ice --use-turn --turn-srv turn.pjsip.org --turn-user [username] --turn-passwd ***
Normally NAT router only forwards incoming packets to internal network after the internal host has sent some packets to remote destination. But this may not happen if Voice Activity Detector (VAD)/Silence Detector is enabled, because then no RTP packet will be transmitted when there is no voice activity on the microphone.
So as workaround solution, try to disable VAD to see if this is the
case. You can disable VAD in pjsua by using
from the command line.
Using Port Forwarding
pjsua can also be configured in port forwarding environment, for both SIP UDP/TCP and media (RTP) transports. To do this, you have to configure your router to forward UDP/TCP port 5060 to the application, and also UDP ports for RTP. By default, pjsua (and PJSUA-API) allocates UDP ports for RTP/RTCP from port 4000 for RTP and 4001 for RTCP, and upwards up to the maximum number of calls configured in pjsua (for example, if max-calls is 10, then the port range allocated for RTP/RTCP will be UDP ports 4000 - 4019, since each call will need two UDP sockets).
The default port 5060 for SIP can be changed with
option, while the default RTP start port of 4000 can be changed with
After port forwarding has been configured in the router, you just need
to specify the router’s public IP address to pjsua, with
--ip-addr command line option. With this option, all addresses
advertised by pjsua will use this address rather than the internal IP
Still having NAT problem?
Also check Getting around blocked, filtered, or mangled VoIP network for potential solutions.