Guest

Cisco IOS Software Releases 12.4 T

NAT Optimized SIP Media Path Without SDP

  • Viewing Options

  • PDF (272.1 KB)
  • Feedback
NAT Optimized SIP Media Path Without SDP

Table Of Contents

NAT Optimized SIP Media Path Without SDP

Contents

Information About the NAT Optimized SIP Media Path Without SDP Feature

Benefits of NAT Optimized SIP Media Path Without SDP

NAT Optimized SIP Media Path Without SDP Feature Design

How to Configure NAT Optimized SIP Media Path Without SDP

Configuring a NAT Optimized SIP Media Path Without SDP Messages Including MD5 Authentication

Configuring a NAT Optimized SIP Media Path Without SDP Messages

Configuration Examples for NAT Optimized SIP Media Path Without SDP

Configuring a NAT Optimized SIP Media Path Without SDP Including MD5 Authentication: Example

Configuring a NAT Optimized SIP Media Path Without SDP or MD5 Authentication: Example

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Command Reference

clear ip nat translation

debug ip nat

ip nat piggyback-support


NAT Optimized SIP Media Path Without SDP


The NAT Optimized SIP Media Path Without SDP feature allows the creation of a shorter path for Session Initiation Protocol (SIP) media channels by distributing endpoint IP addressing information with Session Descriptor Protocol (SDP) of SIP messages. This feature allows endpoints to communicate directly by using standard routing and eliminates the need for them to traverse through upstream NAT routers.

The Message Digest 5 (MD5) algorithm is supported.

History for the NAT Optimized SIP Media Path Without SDP Feature

Release
Modification

12.4(2)T

This feature was introduced.


Finding Support Information for Platforms and Cisco IOS Software Images

Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.

Contents

Information About the NAT Optimized SIP Media Path Without SDP Feature

How to Configure NAT Optimized SIP Media Path Without SDP

Configuration Examples for NAT Optimized SIP Media Path Without SDP

Additional References

Command Reference

Information About the NAT Optimized SIP Media Path Without SDP Feature

Before enabling the NAT Optimized SIP Media Path Without SDP feature, be sure you understand the following concepts:

Benefits of NAT Optimized SIP Media Path Without SDP

NAT Optimized SIP Media Path Without SDP Feature Design

Benefits of NAT Optimized SIP Media Path Without SDP

The media path can be shortened, decreasing voice delay.

More control of voice policy is possible because the media path is closer to the customer domain and not deep within the service provider cloud.

NAT Optimized SIP Media Path Without SDP Feature Design

The NAT Optimized SIP Media Path Without SDP feature provides the ability to optimize the media path taken by a SIP VoIP session when NAT is used. NAT forces the VoIP traffic to take at least one extra hop in the network, which usually results in several additional hops being added to the path between two IP hosts.

Cisco IOS NAT will add the relevant translation information per SIP session within the SIP protocol messages. The SIP Application Layer Gateway support within Cisco IOS NAT will extract this translation information from the SIP packets and create NAT table entries.

The "piggybacking" of NAT translation information within the SIP call flows, the design of how users interact with the application when they talk to it, will allow the media path of a SIP VoIP session between two calling parties to take the optimized routing path between each other.

How to Configure NAT Optimized SIP Media Path Without SDP

This section contains the following procedures:

Configuring a NAT Optimized SIP Media Path Without SDP Messages Including MD5 Authentication

Configuring a NAT Optimized SIP Media Path Without SDP Messages

Configuring a NAT Optimized SIP Media Path Without SDP Messages Including MD5 Authentication

Perform this task to configure messages with a NAT optimized SIP Media path including MD5 authentication.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip nat piggyback-support sip-alg all-messages router router-id [md5-authentication md5-authentication-key]

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

ip nat piggyback-support sip-alg all-messages router router-id [md5-authentication md5-authentication-key]

Example:

Router(config)# ip nat piggyback-support sip-alg all-messages router 100 md5-authentication md5-key

Enables messages with a NAT optimized SIP Media path including MD5 authentication.

Configuring a NAT Optimized SIP Media Path Without SDP Messages

Perform this task to configure SDP messages with a NAT optimized SIP Media path without MD5 authentication.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip nat piggyback-support sip-alg all-messages router router-id

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

ip nat piggyback-support sip-alg all-messages router router-id

Example:

Router(config)# ip nat piggyback-support sip-alg all-messages router 100

Enables messages with a NAT optimized SIP Media path without MD5 authentication.

Configuration Examples for NAT Optimized SIP Media Path Without SDP

This section provides the following configuration examples:

Configuring a NAT Optimized SIP Media Path Without SDP Including MD5 Authentication: Example

Configuring a NAT Optimized SIP Media Path Without SDP or MD5 Authentication: Example

Configuring a NAT Optimized SIP Media Path Without SDP Including MD5 Authentication: Example

The following example shows how to configure a NAT optimized SIP media path without SDP including MD5 authentication:

ip nat piggyback-support sip-alg all-messages router 100 md5-authentication md5-key

Configuring a NAT Optimized SIP Media Path Without SDP or MD5 Authentication: Example

The following example shows how to configure a NAT optimized SIP media path without SDP or MD5 authentication:

ip nat piggyback-support sip-alg all-messages router 100 

Additional References

The following sections provide references related to the NAT Optimized SIP Media Path with SDP feature.

Related Documents

Related Topic
Document Title

IP NAT commands: complete command syntax, command mode, command history, defaults, usage guidelines, and examples

Cisco IOS IP Addressing Services Command Reference, Release 12.4T

IP NAT configuration tasks

"NAT" section of the Cisco IOS IP Addressing Services Configuration Guide, Release 12.4


Standards

Standard
Title

None


MIBs

MIB
MIBs Link

None

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs


RFCs

RFC
Title

None


Technical Assistance

Description
Link

The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/techsupport


Command Reference

This section documents new and modified commands only.

clear ip nat translation

debug ip nat

ip nat piggyback-support

clear ip nat translation

To clear dynamic Network Address Translation (NAT) translations from the translation table, use the clear ip nat translation command in privileged EXEC mode.

clear ip nat translation {* | [inside global-ip global-port local-ip local-port] | [outside local-ip global-ip] [piggyback-internal | esp | tcp | udp]}

Syntax Description

*

Clears all dynamic translations.

inside

(Optional) Clears the inside translations containing the specified global-ip and local-ip addresses.

global-ip

(Optional) Global IP address.

global-port

(Optional) Global port.

local-ip

(Optional) Local IP address.

local-port

(Optional) Local port.

outside

(Optional) Clears the outside translations containing the specified global and local addresses.

piggyback-internal

(Optional) Clears translations created by the piggyback.

esp

(Optional) Clears Encapsulating Security Payload (ESP) entries from the translation table.

tcp

(Optional) Clears the TCP entries from the translation table.

udp

(Optional) Clears the User Datagram Protocol (UDP) entries from the translation table.


Command Modes

Privileged EXEC

Command History

Release
Modification

11.2

This command was introduced.

12.2(15)T

The esp keyword was added.

12.4(2)T

The piggyback-internal keyword was added.


Usage Guidelines

Use this command to clear entries from the translation table before they time out.

Examples

The following example shows the NAT entries before and after the User Datagram Protocol (UDP) entry is cleared:

Router# show ip nat translations

Pro Inside global        Inside local       Outside local      Outside global
udp 172.31.233.209:1220  192.168.1.95:1220  172.31.2.132:53    172.31.2.132:53
tcp 172.31.233.209:11012 192.168.1.89:11012 172.31.1.220:23    172.31.1.220:23
tcp 172.31.233.209:1067  192.168.1.95:1067  172.31.1.161:23    172.31.1.161:23

Router# clear ip nat translation udp inside 10.69.233.209 1220 10.168.1.95 1220
10.69.2.132 53 10.69.2.132 53

Router# show ip nat translations
 
Pro     Inside global       Inside local       Outside local      Outside global
tcp     10.69.233.209:11012 10.168.1.89:11012  10.69.1.220:23     10.69.1.220:23
tcp     10.69.233.209:1067  10.168.1.95:1067   10.69.1.161:23     10.69.1.161:23

Related Commands

Command
Description

ip nat

Designates that traffic originating from or destined for the interface is subject to NAT.

ip nat inside destination

Enables NAT of the inside destination address.

ip nat inside source

Enables NAT of the inside source address.

ip nat outside source

Enables NAT of the outside source address.

ip nat pool

Defines a pool of IP addresses for NAT.

ip nat service

Changes the amount of time after which NAT translations time out.

show ip nat statistics

Displays NAT statistics.

show ip nat translations

Displays active NAT translations.


debug ip nat

To display information about IP packets translated by the IP Network Address Translation (NAT) feature, use the debug ip nat command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip nat [access-list | detailed | h323 | ipsec | piggyback-support | port | pptp | route | sip | skinny | vrf | wlan-nat]

no debug ip nat [access-list | detailed | h323 | ipsec | port | pptp | route | sip | skinny | vrf | wlan-nat]

Syntax Description

access-list

(Optional) Standard IP access list number. If the datagram is not permitted by the specified access list, suppresses the related debugging output.

detailed

(Optional) Displays debugging information in a detailed format.

h323

(Optional) Displays H.225, H.245, and H.323 protocol information.

ipsec

(Optional) Displays IP Security (IPSec) packet information.

piggyback-support

(Optional) Displays piggyback information.

port

(Optional) Displays port information.

pptp

(Optional) Displays Point-to-Point Tunneling Protocol (PPTP) information.

route

(Optional) Displays route information.

sip

(Optional) Displays Session Initiation Protocol (SIP) information.

skinny

(Optional) Displays debug information in a concise format.

vrf

(Optional) Displays Virtual Private Network (VPN) routing and forwarding (VRF) traffic-related information.

wlan-nat

(Optional) Displays Wireless LAN information.


Command Modes

Privileged EXEC

Command History

Release
Modification

11.2

This command was introduced.

12.1(5)T

The h323 keyword was added.

12.2(8)T

The sip keyword was added.

12.2(13)T

The ipsec and vrf keywords were added.

12.3(2)XE

The wlan-nat keyword was added.

12.3(7)T

The wlan-nat keyword was implemented in Cisco IOS Release 12.3(7)T.

12.3(11)T

The output in the h323 keyword was expanded to include H.245 tunneling.

12.4(2)T

The piggyback-support keyword was added.


Usage Guidelines

The NAT feature reduces the need for unique, registered IP addresses. It can also save private network administrators from needing to renumber hosts and routers that do not conform to global IP addressing.

Use the debug ip nat command to verify the operation of the NAT feature by displaying information about each packet that the router translates. The debug ip nat detailed command generates a description of each packet considered for translation. This command also displays information about certain errors or exception conditions, such as the failure to allocate a global address. To display messages related to the processing of H.225 signaling and H.245 messages, use the debug ip nat h323 command. To display messages related to the processing of SIP messages, use the debug ip nat sip command. To display messages related to the processing of VRF messages, use the debug ip nat vrf command.


Caution Because the debug ip nat command generates a substantial amount of output, use it only when traffic on the IP network is low, so other activity on the system is not adversely affected.

Examples

The following is sample output from the debug ip nat command. In this example, the first two lines show the Domain Name System (DNS) request and reply debugging output. The remaining lines show debugging output from a Telnet connection from a host on the inside of the network to a host on the outside of the network. All Telnet packets, except for the first packet, were translated in the fast path, as indicated by the asterisk (*).

Router# debug ip nat 

NAT: s=192.168.1.95->172.31.233.209, d=172.31.2.132 [6825]
NAT: s=172.31.2.132, d=172.31.233.209->192.168.1.95 [21852] 
NAT: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6826] 
NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23311] 
NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6827] 
NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6828] 
NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23313] 
NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23325]

Table 1 describes the significant fields shown in the display.

Table 1 debug ip nat Field Descriptions 

Field
Description

NAT

Indicates that the packet is being translated by the NAT feature. An asterisk (*) indicates that the translation is occurring in the fast path. The first packet in a conversation always goes through the slow path (that is, it is process switched). The remaining packets go through the fast path if a cache entry exists.

s=192.168.1.95->172.31.233.209

Source address of the packet and how it is being translated.

d=172.31.2.132

Destination address of the packet.

[6825]

IP identification number of the packet. Might be useful in the debugging process to correlate with other packet traces from protocol analyzers.


The following is sample output from the debug ip nat detailed command. In this example, the first two lines show the debugging output produced by a DNS request and reply. The remaining lines show the debugging output from a Telnet connection from a host on the inside of the network to a host on the outside of the network. In this example, the inside host 192.168.1.95 was assigned the global address 172.31.233.193.

Router# debug ip nat detailed

NAT: i: udp (192.168.1.95, 1493) -> (172.31.2.132, 53) [22399]
NAT: o: udp (172.31.2.132, 53) -> (172.31.233.193, 1493) [63671]
NAT*: i: tcp (192.168.1.95, 1135) -> (172.31.2.75, 23) [22400]
NAT*: o: tcp (172.31.2.75, 23) -> (172.31.233.193, 1135) [22002]
NAT*: i: tcp (192.168.1.95, 1135) -> (172.31.2.75, 23) [22401]
NAT*: i: tcp (192.168.1.95, 1135) -> (172.31.2.75, 23) [22402]
NAT*: o: tcp (172.31.2.75, 23) -> (172.31.233.193, 1135) [22060]
NAT*: o: tcp (172.31.2.75, 23) -> (172.31.233.193, 1135) [22071]

The following is sample output from the debug ip nat h323 command. In this example, an H.323 call is established between two hosts, one host on the inside and the other host on the outside. The debugging output displays the H.323 message names that NAT recognizes and the embedded IP addresses contained in those messages.

Router# debug ip nat h323

NAT:H225:[0] processing a Setup message
NAT:H225:[0] found Setup sourceCallSignalling
NAT:H225:[0] fix transportAddress addr=192.168.122.50 port=11140
NAT:H225:[0] found Setup fastStart
NAT:H225:[0] Setup fastStart PDU length:18
NAT:H245:[0] processing OpenLogicalChannel message, forward channel
number 1
NAT:H245:[0] found OLC forward mediaControlChannel
NAT:H245:[0] fix TransportAddress addr=192.168.122.50 port=16517
NAT:H225:[0] Setup fastStart PDU length:29
NAT:H245:[0] Processing OpenLogicalChannel message, forward channel
number 1
NAT:H245:[0] found OLC reverse mediaChannel
NAT:H245:[0] fix Transportaddress addr=192.168.122.50 port=16516
NAT:H245:[0] found OLC reverse mediaControlChannel
NAT:H245:[0] fix TransportAddress addr=192.168.122.50 port=16517
NAT:H225:[1] processing an Alerting message
NAT:H225:[1] found Alerting fastStart
NAT:H225:[1] Alerting fastStart PDU length:25
NAT:H245:[1] processing OpenLogicalChannel message, forward channel
number 1
NAT:H323:[0] received pak, payload_len=46
NAT:H323:[0] processed up to new_payload_len 4
NAT:H323:[0] expecting data len=42--payload_len left 42
NAT:H323:[0] try to process tpkt with len 42, payload_len left 42
NAT:H225:processing a Facility message
NAT:H225:pdu_len :31 msg_IE:28
NAT:H323:choice-value:9
NAT:H225:[0] found h245Tunneling
NAT:H225:[0] found h245Control
NAT:H225:[0] h245control PDU length:20
NAT:H245:[0] processing OpenLogicalChannel message, forward channel 
number 2
NAT:H245:[0] found OLC forward mediaControlChannel
NAT:H245:[0] fix TransportAddress addr=192.168.122.50 port=51001
NAT:H245:[0] TransportAddress addr changed 192.168.122.50->135.25.30.129
NAT:H245:[0] message changed, encoding back
NAT:H245:exit process tpkt with new_len 20
NAT:H225:message changed, encoding back
NAT:H323:[0] processed up to new_payload_len 46
NAT:H323:[0] new pak payload len is 46

Table 2 describes the significant fields shown in the display.

Table 2 debug ip nat h323 Field Descriptions 

Field
Description

NAT

Indicates that the packet is being translated by the NAT feature.

H.225, H.245, and H.323

Protocol of the packet.

[0]

Indicates that the packet is moving from a host outside the network to one host inside the network.

[1]

Indicates that the packet is moving from a host inside the network to one host outside the network.


The following is sample output from the debug ip nat ipsec command:

Router# debug ip nat ipsec

5d21h:NAT:new IKE going In->Out, source addr 192.168.122.35, destination addr 
192.168.22.20, initiator cookie
0x9C42065D
5d21h:NAT:IPSec:created In->Out ESP translation IL=192.168.122.35 SPI=0xAAE32A0A, 
IG=192.168.22.40, OL=192.168.22.20,
OG=192.168.22.20
5d21h:NAT:IPSec:created Out->In ESP translation OG=192.168.22.20 SPI=0xA64B5BB6, 
OL=192.168.22.20, IG=192.168.22.40,
IL=192.168.122.35

5d21h:NAT:new IKE going In->Out, source addr 192.168.122.20, destination addr 
192.168.22.20, initiator cookie
0xC91738FF
5d21h:NAT:IPSec:created In->Out ESP translation IL=192.168.122.20 SPI=0x3E2E1B92, 
IG=192.168.22.40, OL=192.168.22.20,
OG=192.168.22.20
5d21h:NAT:IPSec:Inside host (IL=192.168.122.20) trying to open an ESP connection to 
Outside host (OG=192.168.22.20),
wait for Out->In reply
5d21h:NAT:IPSec:created Out->In ESP translation OG=192.168.22.20 SPI=0x1B201366, 
OL=192.168.22.20, IG=192.168.22.40,
IL=192.168.122.20

The following is sample output from the debug ip nat sip command. In this example, one IP phone registers with a Cisco SIP proxy and then calls another IP phone. The debugging output displays the SIP messages that NAT recognizes and the embedded IP addresses contained in those messages.

Router# debug ip nat sip

NAT:SIP:[0] processing REGISTER message
NAT:SIP:[0] translated embedded address
192.168.122.3->10.2.2.2
NAT:SIP:[0] translated embedded address
192.168.122.3->10.2.2.2
NAT:SIP:[0] message body found
NAT:SIP:[0] found address/port in SDP body:192.168.122.20
20332
NAT:SIP:[1] processing SIP/2.0 100 Trying reply message
NAT:SIP:[1] translated embedded address
10.2.2.2->192.168.122.3
NAT:SIP:[1] processing SIP/2.0 200 OK reply message
NAT:SIP:[1] translated embedded address
10.2.2.2->192.168.122.3
NAT:SIP:[1] translated embedded address
10.2.2.2->192.168.122.3
NAT:SIP:[1] processing INVITE message
NAT:SIP:[1] translated embedded address
10.2.2.2->192.168.122.3
NAT:SIP:[1] message body found
NAT:SIP:[1] found address/port in SDP body:192.168.22.20

Table 3 describes the significant fields shown in the display.

Table 3 debug ip nat sip Field Descriptions 

Field
Description

NAT

Indicates that the packet is being translated by the NAT feature.

SIP

Protocol of the packet.

[0]

Indicates that the packet is moving from a host outside the network to one host inside the network.

[1]

Indicates that the packet is moving from a host inside the network to one host outside the network.


The following is sample output from the debug ip nat vrf command:

Router# debug ip nat vrf

6d00h:NAT:address not stolen for 192.168.121.113, proto 1 port 7224
6d00h:NAT:creating portlist proto 1 globaladdr 10.2.2.10
6d00h:NAT:Allocated Port for 192.168.121.113 -> 10.2.2.10:wanted 7224 got 7224
6d00h:NAT:i:icmp (192.168.121.113, 7224) -> (168.58.88.2, 7224) [2460]
6d00h:NAT:s=192.168.121.113->10.2.2.10, d=168.58.88.2 [2460] vrf=> shop

6d00h:NAT*:o:icmp (168.58.88.2, 7224) -> (10.2.2.10, 7224) [2460]      vrf=> shop
6d00h:NAT*:s=168.58.88.2, d=10.2.2.10->192.168.121.113 [2460] vrf=> shop

6d00h:NAT:Allocated Port for 192.168.121.113 -> 10.2.2.10:wanted 7225 got 7225
6d00h:NAT:i:icmp (192.168.121.113, 7225) -> (168.58.88.2, 7225) [2461]
6d00h:NAT:s=192.168.121.113->10.2.2.10, d=168.58.88.2 [2461] vrf=> shop
6d00h:NAT*:o:icmp (168.58.88.2, 7225) -> (10.2.2.10, 7225) [2461]      vrf=> shop
6d00h:NAT*:s=168.58.88.2, d=10.2.2.10->192.168.121.113 [2461] vrf=> shop
6d00h:NAT:Allocated Port for 192.168.121.113 -> 10.2.2.10:wanted 7226 got 7226
6d00h:NAT:i:icmp (192.168.121.113, 7226) -> (168.58.88.2, 7226) [2462]
6d00h:NAT:s=192.168.121.113->10.2.2.10, d=168.58.88.2 [2462] vrf=> shop

Table 4 describes the significant fields shown in the display.

Table 4 debug ip nat vrf Field Descriptions 

Field
Description

NAT

Indicates that the packet is being translated by the NAT feature.

s=192.168.121.113->2.2.2.10

Source address of the packet and how it is being translated.

d=168.58.88.2

Destination address of the packet.

[2460]

IP identification number of the packet.

vrf=>

Indicates that NAT is applied to a particular VPN.


The following is sample output from the debug ip nat wlan-nat command:

Router# debug ip nat wlan-nat

WLAN-NAT: Creating secure ARP entry (10.1.1.1,0010.7bc2.9ff6)
WLAN-NAT: Triggered Acct Start for (171.1.1.10,0010.7bc2.9ff6)
WLAN-NAT: Extracting addr:171.1.1.10,input_idb:Ethernet1/2 from pak
WLAN-NAT: Saving address:171.1.1.10,input_idb:Ethernet1/2 in pak

After the WLAN-entry times out, the following debugs will be seen:

Router# debug ip nat wlan-nat 

WLAN-NAT: Removing secure arp entry (10.1.1.1,0010.7bc2.9ff6)
WLAN-NAT: triggered Acct Stop for (171.1.1.10,0010.7bc2.9ff6)

Table 5 describes the significant fields shown in the display.

Table 5 debug ip nat wlan-nat Field Descriptions 

Field
Description

WLAN

Indicates that a wireless LAN is being translated.

NAT

Indicates that the packet is being translated using NAT.


Related Commands

Command
Description

clear ip nat translation

Clears dynamic NAT translations from the translation table.

ip nat

Designates that traffic originating from or destined for the interface is subject to NAT.

ip nat inside destination

Enables NAT of the inside destination address.

ip nat inside source

Enables NAT of the inside source address.

ip nat outside source

Enables NAT of the outside source address.

ip nat pool

Defines a pool of IP addresses for NAT.

ip nat service

Enables a port other than the default port.

show ip nat statistics

Displays NAT statistics.

show ip nat translations

Displays active NAT translations.


ip nat piggyback-support

To enable a NAT optimized SIP media path, use the ip nat piggyback-support command in global configuration mode. To disable a NAT optimized SIP media path, use the no form of this command.

ip nat piggyback-support sip-alg {sdp-only | all-messages} router router-id md5-authentication md5-authentication-key

no ip nat piggyback-support sip-alg {sdp-only | all-messages} router router-id md5-authentication md5-authentication-key

Syntax Description

sip-alg

SIP protocol algorithm.

sdp-only

Establishes piggybacking in SDP only.

all-messages

Establishes piggybacking in all messages except SDP.

router router-id

Piggyback router ID number.

md5-authentication md5-authentication-key

MD5 authentication key.


Command Modes

Global configuration

Command History

Release
Modification

12.4(2)T

This command was introduced.


Examples

The following example shows how to configure a NAT optimized SIP media path with SDP:

ip nat piggyback-support sip-alg sdp-only router 100 authentication md5-key

Related Commands

Command
Description

ip nat

Designates that traffic originating from or destined for the interface is subject to NAT.

ip nat inside destination

Enables NAT of the inside destination address.

ip nat inside source

Enables NAT of the inside source address.

ip nat outside source

Enables NAT of the outside source address.

ip nat pool

Defines a pool of IP addresses for NAT.

ip nat service

Changes the amount of time after which NAT translations time out.

show ip nat statistics

Displays NAT statistics.

show ip nat translations

Displays active NAT translations.