Advanced options and settings
Now that we kind of understand how it works, we can look at other ways to trigger the NAT detection. In some cases, the ACL is not enough because maybe a sneaky ALG has messed up the packet or maybe the traffic is passing over a proxy or the phone may think it's handling the NAT case itself but it's not doing it quite right.
We have another option that is not enabled by default because it laughs in the face of the fourth pitfall and basically thinks almost anything slightly out of the ordinary is NAT. This parameter is dangerous but effective in cases where you have no other choice. The name of the parameter is aggressive-nat-detection and setting it to true in your SIP profile will enable it for all traffic. Basically it looks at the SIP packets and if it sees a variety of IP addresses in various headers, it uses logical deduction to figure out which one is the source address. From there it does the same thing that the ACL based one does, only it may not always...
