Network Settings

STUN is a protocol that allows the IP phones on a network to discover the presence and types of NATs and firewalls between them and the public Internet. It also provides the ability for the phones to determine the public IP addresses allocated to them by the NAT. STUN works with many existing NATs, and does not require any special behavior from them. As a result, it allows the phones to work through existing NAT infrastructures.

TURN is a protocol that governs the reception of data over a connection by a single communications device operating behind a NAT or firewall. A TURN server relays packets from an external IP address towards the IP phone only if that phone has previously sent a packet through the same TURN server to that particular external IP address.

SIP NAT IP configurations takes precedence over the STUN/TURN configurations. Typically, the STUN/TURN configuration is only used for media (RTP traffic) - not for signaling. (For signaling, you need to enable “Rport” if the NAT device does not recognize SIP. For more information about “Rport”, see the section, “RPORT” on page 4-52of this release note.

The STUN/TURN configuration applies globally on the phone. If you configure both STUN and TURN on the phone, it dis- covers what type of NAT device is between the phone and the public network. If the NAT device is full cone, restricted cone, or port restricted cone, the phone uses STUN. If the NAT device is symmetric, the phone uses TURN.

If you configure STUN only, the phone uses STUN without the NAT discovery process.

Note:

STUN does not work if the NAT device is symmetric.

If you configure NAT only, the phone uses NAT and does not perform the NAT discovery process during startup. TURN is compatible with all types of NAT devices.

Limitations to Using STUN and TURN

The Firewall type discovery process on the phone is limited to 20 seconds. If the discovery process fails, the STUN server may not be configured correctly.

When making a new phone call, the phone limits obtaining the port from the STUN/TURN server to 5 seconds. If the call does not go through in 5 seconds, the phone makes the call using the Session Description Protocol (SDP) with a local IP:port.

An Administrator can configure a STUN and/or TURN server on the IP Phones using the configuration files or the Aastra Web UI.

Configuring STUN and TURN Servers Using the Configuration Files

Note:

The NAT IP configuration parameter takes precedence over the STUN and TURN parameters.

Use the following parameters to configure STUN and TURN servers in your network.

sip stun ip

sip stun port

sip turn ip

sip turn port

sip turn user

sip turn pass

Configuration Files

For specific parameters you can set in the configuration files, see Appendix A, the sections:

“SIP STUN Parameters” on page A-27

“SIP TURN Parameters” on page A-28.

4-30

41-001343-02 REV04 – 05.2014

Page 175 Page 177
Page 176
Image 176
Aastra Telecom 41-001343-02 manual Stun does not work if the NAT device is symmetric, Limitations to Using Stun and Turn
Page 175 Page 177
Top Page Image Contents