Does anyone have a understandable explaination of this application called "stun" from what I can gather its used for things like skype and facetime, but it generates a lot of traffic in my network. While yes we are lync/skype in house and there are the occosional calls out to the internet, I see this application going out to google public IPs on port 19305 and 19302, I see ports 5055 being used as well. How do you control this application?
Applipedia will help you out here a lot.
"Simple Traversal of User Datagram Protocol is a network protocol allowing a client behind a NAT (or multiple NATs) to find out its public address."
You'll see stun utilized a lot for different applications and such as it is currently the best way of determining the clients public IP address and detecting whether or not it is behind a NAT or not. SIP, WebRTC and others rely on it pretty heavily. If you are running Skype internally you should be seeing a TON of Stun traffic, iPhones will generate a bit as well because of FaceTime, and depending on the applications on the device you can expect a lot to come from Android devics as well.
Stun by itself really isn't dangerous so there really isn't much control to be done, at least to my eyes. Allow it outside your network on application default ports and if your Skype infrastructure is generating too many logs in your eyes setup a security rule to simply not log traffic going to your Skype servers.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!