[c-nsp] ASA5510 with SIP dropping intermittent

Tony Varriale tvarriale at comcast.net
Tue Feb 16 23:43:45 EST 2010 

That bug was supposedly first found in 8.2(1).

My first thought is that the control channel is staying up on the voice SP, 
but is timing out in the translation table.

Do you log your set ups and tear downs to a syslog server?  If so, go back 
and try and chase that source port to see if there's a timeout/teardown 
prior to that timestamp.

You need the SIP inspection since you are NATing.  No way around it and I 
don't think that's the issue at this point.  Or, better said, at this point 
in the data collection phase.

tv
----- Original Message ----- 
From: "Jimmy Stewpot" <mailers at oranged.to>
To: <cisco-nsp at puck.nether.net>
Sent: Tuesday, February 16, 2010 9:03 PM
Subject: [c-nsp] ASA5510 with SIP dropping intermittent


> Hello,
>
> I am currently running a Cisco ASA 5510 device running software version 
> 8.0(3)6. The configuration is very simple, we have a group of voice 
> servers behind the system talking to an upstream Voice service provider 
> using SIP. Outbound calls work 100% of the time, however we have a policy 
> in place with permits inbound connections. Most of the time it works 
> however in an apparently random fashion it drops incoming calls. There 
> have been no changes to the device in months and its only started to occur 
> over the last week. I have been ripping my hair out trying to resolve this 
> issue with little to no luck.
>
> When I check what is going on I see the following messages in the log.
>
> Feb 16 10:48:10 <IP> %ASA-6-106015: Deny TCP (no connection) from /57345 
> to /5060 flags PSH ACK on interface Outside
>
> The configuration is as follows.
>
> Voice Server (192.168.1.20/24) -> ASA internal (192.168.1.254) || ASA 
> External (Public Address) -> Internet.
>
> We have an inbound policy permitting any inbound SIP udp and tcp to the 
> Public Address. We then have a one to one mapping
>
> static (inside,Outside)  192.168.1.20 netmask 255.255.255.255
>
> Everything seems fine, and I don't understand why its dropping the 
> connections on a very intermittent basis. It seems that its probably 
> something to do with the inspect. If we disable inspect it breaks all 
> phone connections. I found the following bug reference number in the 
> release notes for 8.2. CSCtb23281 but I don't have Cisco Logins which 
> provide me with the bugs db any more...
>
> Any advice or assistance would be greatly appreciated.
>
> Regards,
>
> Jimmy Stewpot.
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list