[c-nsp] ASA5510 with SIP dropping intermittent

Jimmy Stewpot mailers at oranged.to
Mon Feb 22 00:10:21 EST 2010 

Hi Tony,

Thanks for your response. In the log files I see the following right before the call drops

Feb 22 06:34:38 syslog-server %ASA-7-609001: Built local-host Outside:<external host>
Feb 22 06:34:38 syslog-server %ASA-6-106015: Deny TCP (no connection) from <external>/59191 to <internal>/5060 flags PSH ACK  on interface Outside
Feb 22 06:34:38 syslog-server %ASA-7-609002: Teardown local-host Outside:<external host> duration 0:00:00

I have doubled the time out's and its made little to no effect. Any advice would be really appreciated.

Regards,

Jimmy Stewpot.

----- Original Message -----
From: "Tony Varriale" <tvarriale at comcast.net>
To: cisco-nsp at puck.nether.net
Sent: Wednesday, 17 February, 2010 3:43:45 PM
Subject: Re: [c-nsp] ASA5510 with SIP dropping intermittent

That bug was supposedly first found in 8.2(1).

My first thought is that the control channel is staying up on the voice SP, 
but is timing out in the translation table.

Do you log your set ups and tear downs to a syslog server?  If so, go back 
and try and chase that source port to see if there's a timeout/teardown 
prior to that timestamp.

You need the SIP inspection since you are NATing.  No way around it and I 
don't think that's the issue at this point.  Or, better said, at this point 
in the data collection phase.

tv
----- Original Message ----- 
From: "Jimmy Stewpot" <mailers at oranged.to>
To: <cisco-nsp at puck.nether.net>
Sent: Tuesday, February 16, 2010 9:03 PM
Subject: [c-nsp] ASA5510 with SIP dropping intermittent


> Hello,
>
> I am currently running a Cisco ASA 5510 device running software version 
> 8.0(3)6. The configuration is very simple, we have a group of voice 
> servers behind the system talking to an upstream Voice service provider 
> using SIP. Outbound calls work 100% of the time, however we have a policy 
> in place with permits inbound connections. Most of the time it works 
> however in an apparently random fashion it drops incoming calls. There 
> have been no changes to the device in months and its only started to occur 
> over the last week. I have been ripping my hair out trying to resolve this 
> issue with little to no luck.
>
> When I check what is going on I see the following messages in the log.
>
> Feb 16 10:48:10 <IP> %ASA-6-106015: Deny TCP (no connection) from /57345 
> to /5060 flags PSH ACK on interface Outside
>
> The configuration is as follows.
>
> Voice Server (192.168.1.20/24) -> ASA internal (192.168.1.254) || ASA 
> External (Public Address) -> Internet.
>
> We have an inbound policy permitting any inbound SIP udp and tcp to the 
> Public Address. We then have a one to one mapping
>
> static (inside,Outside)  192.168.1.20 netmask 255.255.255.255
>
> Everything seems fine, and I don't understand why its dropping the 
> connections on a very intermittent basis. It seems that its probably 
> something to do with the inspect. If we disable inspect it breaks all 
> phone connections. I found the following bug reference number in the 
> release notes for 8.2. CSCtb23281 but I don't have Cisco Logins which 
> provide me with the bugs db any more...
>
> Any advice or assistance would be greatly appreciated.
>
> Regards,
>
> Jimmy Stewpot.
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/ 

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list