[c-nsp] Cisco 867 SIP & NAT
Jared Mauch
jared at puck.nether.net
Tue Jan 8 19:12:11 EST 2013
IOS automatically does SIP-ALG when doing nat, is this enabled or not?
The SIP-ALG is broken and I have always recommended people to turn it off.
- Jared
On Jan 8, 2013, at 7:05 PM, Andrew Yager <andrew at rwts.com.au> wrote:
> Hi,
>
> We have a client using a Cisco 867 with SIP based VoIP phones behind it (not CCM).
>
> Each time the phones perform a new SIP request a new entry is created in the NAT table on a different port, which very quickly floods the NAT table and crashes the router.
>
> We've tried with c860-universalk9-mz.150-1.M6 and c860-universalk9-mz.151-4.M5 but are seeing the same behaviour.
>
> Client nat config is relatively standard:
>
> ip nat inside source list 10 interface Dialer0 overload
> ip nat inside source static tcp 10.1.1.100 5900 interface Dialer0 5900
> ip nat inside source static tcp 10.1.1.100 1723 interface Dialer0 1723
>
> access-list 10 permit 10.1.1.0 0.0.0.255
>
> Has anyone seen this issue on this series of routers and/or know if it's an IOS bug? Any fixes or workarounds or working IOS versions?
>
> Thanks,
> Andrew
>
> --
> Andrew Yager, Managing Director (MACS Snr CP BCompSc MCP MCE JNCIA-Junos)
> Real World Technology Solutions Pty Ltd - IT people you can trust
> ph: 1300 798 718 or (02) 9037 0500
> fax: (02) 9037 0591 mob: 0405 152 568
> http://www.rwts.com.au/
>
>
>
>
>
>
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list