Contact US

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

General public WiFi Hotspot question regarding ALG/Application Inspection & Firewalls?

General public WiFi Hotspot question regarding ALG/Application Inspection & Firewalls?

General public WiFi Hotspot question regarding ALG/Application Inspection & Firewalls?

In a typical WiFi hotspot a wireless client is assigned a private RFC 1918 IPv4 address. When accessing the Internet this address needs translating to a public IPv4 address, this will happen on a gateway/router (you can verify what you appear on the Internet as with sites such as whatsmyip.com). For 'standard' TCP & UDP applications that use a single or multiple connections outbound (i.e. the connection is initiated from the client and the return traffic is permitted via the gateway/router because state has been created) this works fine.
For other protocols such as H.323 & SIP where inbound connections are required ALG/Application Inspection Engines are required that understand the protcols and automatically open the required 'pin-holes' and also modify the payload to translate embedded IP addresses. For example with SIP when settingg up a call the SIP-URI will contain the IP address and port number for the RTP stream. If NAT is involved the IP address and maybe the port will need to be modified by the gateway/router for the call to work.

I use SIP on my Android smartphone and can usually register with my SIP provider regardless of which WiFi hotspot I am using. When making a call however it will work with some hotspots but not others. My assumption is that some providers gateways/routers in these hotspots have SIP ALG/Protocol Inspection enabled where as others don't - the ones who do it works, the ones who don't it doesn't.

Is this just how it is and its pot-luck or should providers be 'obliged' to enable such features so our more complicated protocols work?


Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close