[c-nsp] ip Multicast MoH with zone Based Firewalls?

Scott Voll svoll.voip at gmail.com
Wed Mar 14 13:56:11 EDT 2012


I have a Voice deployment with a remote site that has multicast Music on
hold.  The 2821 that it goes through also has Zone based Firewalls so I can
do GRE over IPSec.(which is not the interface that the Multicast Moh is
using)

my problem is that my Music on hold is not working.

sh ip mroute shows:

(*, 239.1.1.1), 00:50:22/00:02:58, RP x.y.1.252, flags: SJC
  Incoming interface: GigabitEthernet0/1.902, RPF nbr x.z.9.254 < == WAN
Metro E
  Outgoing interface list:
    GigabitEthernet0/0.1026, Forward/Sparse-Dense, 00:00:01/00:02:58
<==Phone network

239.1.1.1 is my Multicast MoH

The RP is correct.

both interfaces .902 and 1026 are in the INSIDE zone with a Zone policy of
class default pass

I'm running 15.1(3)T2,

Is this a zone based FW issue?  a Multicast issue?  or a Bug?  I'm not sure
which way to go..... other then drive to the remote site and do a packet
capture.  Other ideas?  I'm trying not to drive =)

TIA

Scott


More information about the cisco-nsp mailing list