[cisco-voip] NATed SIP trunk direct to CM (no CUBE)

Mark Holloway mh at markholloway.com
Fri Jul 13 10:53:27 EDT 2012


You will probably run into some weird NAT issues as well. For example, call from PSTN > CUCM > forwards back to PSTN. Using a true b2bua like CUBE or Acme Packet is the way to do. 

On Jul 13, 2012, at 10:42 AM, Matt Slaga (AM) wrote:

> You can do this, but you need a firewall that supports ALG (application layer gateway).  PIX/ASA does this with ‘SIP Fixup’.
>  
>  
>  
> From: cisco-voip-bounces at puck.nether.net [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Erick
> Sent: Friday, July 13, 2012 9:03 AM
> To: Ted Nugent
> Cc: Cisco VoIPoE List
> Subject: Re: [cisco-voip] NATed SIP trunk direct to CM (no CUBE)
>  
>  
> 
> We have it working but I don't have access to the FW.  I'll see if I can get the security team to enlighten me.
> 
> On Jul 12, 2012, at 8:41 PM, Ted Nugent <tednugent73 at gmail.com> wrote:
> 
> Any chance of getting this working without CUBE? This is a lab environment to an external SIP provider
> Outbound calls are working without a hitch but internal are getting 404 errors becuase the invite has my external IP.
> These are NATed through an ASA with the information below. Any and all help is appreciated!
> CUCM 8.5
> Provider PBX: 10.10.10.10
> My external IP: 10.20.20.20 - ASA outside
> CM Address: 192.168.2.225 - internal network
> called# 9195551212 - assigned to an IP phone
> Calling# 9194755555 - PSTN Number
> 
> SIP/2.0 404 Not Found
> Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK615f910f;rport
> From: "9194755555" <sip:9194755555 at 10.10.10.10>;tag=as2bb2da19
> To: <sip:9195551212 at 10.20.20.20>;tag=32~d17116a5-4521-4eab-b0b1-1592b390b4a2-32411046
> Date: Fri, 13 Jul 2012 00:29:16 GMT
> Call-ID: 571cb73b62128c9b25faa9530644ae92 at 10.10.10.10
> CSeq: 102 INVITE
> Allow-Events: presence
> Reason: Q.850;cause=1
> Content-Length: 0
> 
> |1,100,230,1.68^10.10.10.10^*
> 20:29:16.485 |//SIP/SIPUdp/wait_UdpDataInd: Incoming SIP UDP message size 448 from 10.10.10.10:[5060]:
> [130,NET]
> ACK sip:9195551212 at 10.20.20.20 SIP/2.0
> Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK615f910f;rport
> Max-Forwards: 70
> From: "9194755555" <sip:9194755555 at 10.10.10.10>;tag=as2bb2da19
> To: <sip:9195551212 at 10.20.20.20>;tag=32~d17116a5-4521-4eab-b0b1-1592b390b4a2-32411046
> Contact: <sip:9194755555 at 10.10.10.10>
> Call-ID: 571cb73b62128c9b25faa9530644ae92 at 10.10.10.10
> CSeq: 102 ACK
> User-Agent: Asterisk PBX 1.6.2.13
> Content-Length: 0
> 
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
> 
> 
> itevomcid
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20120713/d3a8ea21/attachment.html>


More information about the cisco-voip mailing list