ShowTable of Contents
This article explains a scenario for deploying an IBM® Sametime® 8.5.2 Network Address Translation (NAT) environment.
When the IBM Sametime Gateway cluster and Session Initiation Protocol (SIP) proxy is configured for a NAT, the NAT environment requires that the SIP Proxy's external fully qualified DNS name (FQDN), as known to external communities, be the same as its internal FQDN .
Traversing a NAT environment is a known issue in the SIP domain. Currently, the IBM WebSphere® SIP infrastructure does not provide a solution to this problem because it does not support any of the Internet Engineering Task Force (IETF) standards. Therefore, any SIP application deployed on WebSphere Portal must develop its own solution.
The scenario provided here assumes that you have the following elements in your deployment:
- A clustered environment, with one more more clustered servers
- A SIP proxy server federated to the cluster
- All cluster members (including the SIP proxy server) deployed within the same subnet
- A static NAT that is defined in the NAT or firewall; the public IP address should be mapped to the SIP Proxy server's internal IP address.
Software stack components
The software stack includes:
- Sametime Community Server 8.5.2
- Lotus® Domino® Server 8.5
- Sametime Media Manager Server 8.5.2
- Sametime Gateway Server 8.5.2
- Sametime Proxy Server 8.5.2
- Sametime System Console 8.5.2
- DB2® UDB Edition v9.5
- WebSphere Application Server 188.8.131.52
- WebSphere Application Server 184.108.40.206 Network Deployment
- IBM Tivoli® Directory Server 6.1
- Network Dispatcher: IBM Edge Components of IBM WebSphere Application Server 7.0
- Load Balancer: IBM Edge Components of IBM WebSphere Application Server 7.0
Figure 1 shows how the basic environment is set up.
Figure 1. Diagram of the environment
Note these limitations:
- Only static NAT is supported.
- In this case a single SIP Proxy deployment was tested; a multiple-SIP Proxy deployment was never tested but can be applied with the same setting.
- Single-server deployment is not supported, but a clustered deployment that contains only one server is supported.
Full Sametime 8.5.2 NAT test environment
Figure 2 displays in more detail the full test environment configuration.
Figure 2. Full environment configuration
Detailed system requirements
The IBM Support document, #7109598, “Detailed System Requirements - Sametime Standard 8.5.2
,” contains a list of “supported components that have undergone compatibility testing by IBM. IBM recommends that customers always use operating systems, Web browsers, devices or applications listed in the application's system requirements; any variance has some level of risk because the combination has not been tested, and is not supported by IBM.”
Deploying NAT on Sametime 8.5.2
The Lotus Sametime 8.5.2 Product Documentation on the Wiki contains detailed, step-by-step instructions for installing and deploying NAT on Sametime 8.5.2. For best results, follow all instructions in the following links completely and in the order in which they are presented in the Information Center:
- Configuring the Gateway cluster and SIP proxy for a NAT environment
Configure a cluster of IBM® Sametime Gateway servers to operate in a NAT (Network Address Translation) environment. The NAT environment configuration requires that the SIP Proxy's external Fully Qualified DNS Name (FQDN), as known to external communities, be the same as its internal FQDN.
- Installing Sametime TURN Server
3. Configuring a SIP proxy server
Configure the Session Initiation Protocol (SIP) proxy server for a cluster of IBM® Sametime® Gateway servers. There is no need to configure external domains in the SIP proxy server; this is done through the Sametime Gateway configuration.
Detailed tips on troubleshooting each of the following products/areas can be found in the Sametime 8.5.2 Installation and Administration Troubleshooting
topic in the Wiki:
If your IBM Sametime deployment experiences problems with NAT traversal, begin by troubleshooting the Sametime TURN Server.
- Sametime Connect client
- Sametime System Console
- Sametime Community Server
- Sametime Proxy Server
- Sametime Media Manager
- Sametime Bandwidth Manager
- Sametime TURN Server
- Sametime Meeting Server
- Lotus Sametime Gateway Server
- Installation or uninstallation
- Log file locations
- Directory conventions
You should now be able to successfully configure NAT for Sametime 8.5.2.
Refer to the Product Wiki for more information on:
About the author
Desmond McCann is a Chartered Engineer working on the Sametime Verification Test team. He has been with IBM since 2010, focusing on integration and interoperability across Lotus Sametime products.