STUN Server Configuration

You configured STUN servers on a per-realm basis, one server per realm. To support that various NAT tests it describes, RFC 3489 requires that two different IP addresses and two different UDP port numbers be used for each server. So your STUN server will listen on a total of four STUN server ports. Although newer work does away with this requirement, the Oracle® Enterprise Session Border ControllerC supports it for the purpose of backwards compatibility.

For each realm configuration with an enabled STUN server, untrusted ACL entries will be added to forward all packets received on the four STUN Server Port.

To enable STUN server support for a realm:

1. In Superuser mode, type configure terminal and press Enter.

   ORACLE# configure terminal
   ORACLE(configure)#

2. Type media-manager and press Enter.

   ORACLE(configure)# media-manager
   ORACLE(media-manager)#

3. Type realm-config and press Enter. If you are adding this feature to a pre-existing realm configuration, you will need to select and edit your realm.

   ORACLE(media-manager)# realm-config
   ORACLE(realm-config)#

4. stun-enable—Set this parameter to enabled to turn STUN server support for this realm on. This parameter defaults to disabled, meaning STUN server support is off.
5. stun-server-ip—Enter the IP address for the primary STUN server port. The default for this parameter is 0.0.0.0.
6. stun-server-port—Enter the port to use with the stun-server-ip for primary STUN server port. The default is 3478.
7. stun-changed-ip—Enter the IP address for the CHANGED-ADDRESS attribute in Binding Requests received on the primary STUN server port. This IP address must be different from than the one defined for the stun-server-ip parameter. The default for this parameter is 0.0.0.0.
8. stun-changed-port—Enter the port combination to define the CHANGED-ADDRESS attribute in Binding Requests received on the primary STUN server port. The default for this parameter is 3479.
9. Save and activate your configuration.