asterisk users - Dec 2006 - Cisco devices (without STUN) and dynamic NAT

Cisco devices (7912, ata-168, 7960 etc.) don't support STUN. 

However, they do let you define a static external NAT IP
address, and parameters to send a keep-alive out through the
NAT on a regular basis.

However, I want to make these devices work in an environment
where they are behind a NAT which has a dynamic IP which
might change (though in fact it changes only rarely.)

They're talking to an external Asterisk server which is
of course not behind NAT.

The docs say that nat=yes will cause Asterisk to ignore the
IPs in the SIP headers and SDP, and replace them with the
actual address the packets are coming from.

I thought this meant that if I put any address in the Cisco's
NATIP field, this would work because Asterisk would rewrite
the SDP to the real address, which might have changed since
the NATIP field was set.

However, Asterisk is not doing this (though it's doing
some other interesting things, now noticing that the NAT
address in the Via header is local to it and talking
directly to that) and it's trying to do native bridged
channels to other devices, which isn't working with
the wrong address in the SDP.

I want native bridging of course, in fact it's a must
if you have a phone on the east coast, an asterisk
server on the west coast and a SIP terminator in
the middle.  No way you want to hairpin the audio, and
with STUN supporting SIP phones this works fine.


canreinvite is not involved here because there is no
need for reinvite on a simple call.

I'm using svn trunk, as of a few days ago.