[cisco-voip] SCCP NAT Question

ash AD commo_ssg_31f at yahoo.com
Mon Jan 24 21:32:18 EST 2011 

Seems to have been effected by an unidentified defect. Setting the inside interface MTU to the default MTU of 1500 resolved the issue. 

--- On Tue, 1/18/11, ash AD <commo_ssg_31f at yahoo.com> wrote:


From: ash AD <commo_ssg_31f at yahoo.com>
Subject: Re: [cisco-voip] SCCP NAT Question
To: "Max Pierson" <nmaxpierson at gmail.com>
Cc: cisco-voip at puck.nether.net
Date: Tuesday, January 18, 2011, 11:48 AM






Thanks for the reply max. The phones are not terminating on the 2811; so, no signalling directly to the 2811 as would be in a CME type deployment. I did also do a 1-fo-1 NAT to attempt to overcome broken NAT. I use the "ip nat inside source static" command set. I didn't increase the PAT translation window since using 1-to-1 static NATs for each phone didn't seem to work. I did increase the SCCP inspection window to 30 min for skinny. I went thru 5 versions of the 12.4(24)T train (T thru T4) and all seem to have the same symptom. 

--- On Tue, 1/18/11, Max Pierson <nmaxpierson at gmail.com> wrote:


From: Max Pierson <nmaxpierson at gmail.com>
Subject: Re: [cisco-voip] SCCP NAT Question
To: "ash AD" <commo_ssg_31f at yahoo.com>
Cc: cisco-voip at puck.nether.net
Date: Tuesday, January 18, 2011, 4:45 AM



Hi Ash,



First off, can you confirm your signaling proto from the 2811 to the CM (SIP, H.323, etc) ?? Second, what are the NAT metrics set to (as in timeout values, etc, so how long does the nat process keep the entry valid (default or did u make changes)?   Bugs are possible in the "T" train as well  ;)


There are a few caveats when using H.323 and NAT (at least since my older CM days and 12.3 IOS). As you stated, you're "inspecting" SCCP traffic. What does your "show" output commands say about the inspection??


My end solution was to do a "one-to-one static nat translation called by a route-map" to the CM Pub and Sub's to resolve the issue, but I need to know a little more about your environment.


Regards,
M



On Mon, Jan 17, 2011 at 10:10 PM, ash AD <commo_ssg_31f at yahoo.com> wrote:






Have phones being NAT'd that continue to reboot as if they lose registeration. Router is a Cisco 2811 running 12.4(24)T4 Adv Ent Services. There is NAT between the CallManager and three 7941 SCCP phones on the LAN side of the router. The phones are running SCCP 8.3(5). The router is doing PAT using its public IP'd interface. An IP inspect policy set to inspect SCCP is applied on the egress direction of the public IP'd interface. If the phones are placed on the same IP subnet as the outside interface with public IPs, the register and maintain registration. So, this WAN segment has full IP access to the CM. Any advise or expirience with over coming this issue.
 
-Pete

_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip





      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20110124/2b97411f/attachment.html>

More information about the cisco-voip mailing list