AW: Firewall/NAT Crossing by H.323/H.248

Euchner Martin Martin.Euchner at ICN.SIEMENS.DE
Mon Mar 26 09:37:58 EST 2001


thanks for pointing to this interesting draft. However, I was unable to obtain that document; <>  is not successful.

Would someone be so kind and send it to me?

Kind Regards

Martin Euchner.
| Dipl.-Inf.                     Phone: +49 89 722 55790
| Martin Euchner                 Fax  : +49 89 722 46841
| Siemens AG
| ICN M NT 5                     mailto:Martin.Euchner at <mailto:Martin.Euchner at>
|                                mailto:martin.euchner at <mailto:martin.euchner at>
| Hofmannstr. 51                 Intranet:
| D-81359 Muenchen               Internet: <>
| __________________
| Germany

        -----Ursprüngliche Nachricht-----
        Von:    Roy, Radhika R, ALCOO [SMTP:rrroy at ATT.COM]
        Gesendet am:    Donnerstag, 22. März 2001 05:18
        An:     ITU-SG16 at mailbag.cps.INTEL.COM
        Betreff:        Firewall/NAT Crossing by H.323/H.248


        The following Internet draft (draft-davies-fw-nat-traversal-00.txt) deals
        with the proposal how H.323, H.248, and other applications (e.g., SIP) can
        cross the firewalls and NATs that do not require any changes in NATs and

        I would request the members that it may be worthwhile to look into the

        (I would also propose the authors to see whether this can be presented in
        the ITU-T SG16 for possible examination. If attendance is a problem by the
        authors, whether Rapporteurs, as they did in the past, can help in
        collaboration with the authors in the presenting the proposal.)

        Best regards,
        Radhika R. Roy

        -----Original Message-----
        From: Steve Davies [mailto:SDavies at]
        Sent: Tuesday, March 20, 2001 8:45 PM
        To: mshore at
        Cc: sob at; Steve Davies; midcom at;
        sip at
        Subject: [SIP] Contribution to Midcom WG


        Please excuse this email at the 11th hour. I've taking the liberty of
        copying it to the SIP and Midcom WGs in order to maximise the opportunity
        for discussion.

        Ridgeway Systems & Software have just completed an Internet draft for the
        traversal of non-protocol aware firewalls and NATs by session-oriented
        protocols such as H.323, SIP and H.248/Megaco. The draft is the culmination
        of the last 2 years of research and development within Ridgeway. The methods
        outlined in the draft have been implemented and proven to work. The main
        benefit to the Internet and Telecommunications community of the method
        outlined in this draft is that it is protocol agnostic - a single method can
        carry multiple protocols. Until it is available through the system it is
        available from  - username is 'standards'
        password is 'stevedavies'.

        The method outlined in the draft is probably ahead of where Midcom is at
        this point. I bring it to your attention now because I see similar
        initiatives within the SIP WG and because I would like to suggest to the
        Midcom WG that there are at least 2 classes of problem with potentially
        multiple solutions to address and capture. My basic premise is that it is
        not just a FW/NAT problem to address, but a FW/NAT + deployment set of

        Class A:
        This class of problem is characterised by the fact that it is not possible
        or it is undesirable to upgrade the firewalls and NAT devices. Typically,
        NAPT is being used and Internet data and voice/video packets are transported
        on the same network (at some point, e.g. the LAN). Security must not be
        compromised. Examples deployments include residential and enterprise access
        to the Converged Network via an ISP.

        The Traversal method Ridgeway has developed addresses this class of problem.

        Class B:
        This class of problem is characterised by the fact that it is possible to
        upgrade existing or deploy new equipment to transport voice/video over IP.

        ALGs in firewalls and NATs is one solution to this class of problem.

        It seems that the approach within Midcom is to formalise and abstract ALGs
        such that one method suits all protocols. However, this doesn't address
        deployments in Class A.

        My colleague, Pete Cordell, and I will be in Minneapolis from Wednesday thru
        Friday and shall be attending the Midcom WG where we hope such requirements
        and issues will be raised and captured.

        Please feel free to contact me should you want to discuss this offline.

        Kindest regards


        Steve Davies
        Chief Technical Officer
        Ridgeway Systems and Software
        Email: mailto:sdavies at
        Tel  B: +44 (0) 118 938 1114
        Tel H: +44  (0) 1285 770979
        US cell: +1 512 771 7160

        This list is for continuing development of the SIP protocol.
        The sip-implementor's list is the place to discuss implementation,
        and to receive advice on understanding existing sip.
        To subscribe to it, send mail to
        sip-implementors-request at with "subscribe" in the body.

        For help on this mail list, send "HELP ITU-SG16" in a message to
        listserv at

For help on this mail list, send "HELP ITU-SG16" in a message to
listserv at

More information about the sg16-avd mailing list