[cisco-voip] NATed SIP trunk direct to CM (no CUBE)

Ted Nugent tednugent73 at gmail.com
Fri Jul 13 14:39:31 EDT 2012


Well unfortunately as expected it's a bug with no fix yet, only a work
around (release pending)

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtj14677&from=summary

*DOC: SIP inspection is not supported with static PAT **Symptom:*

DOC: This is a Documentation bug.

SIP inspection will not work with static pat. The inspection engine will
not rewrite the packet if static pat is configured.

*Conditions:*

Any version of ASA software. If you configure:

static (inside,outside) udp interface sip 10.1.1.1 sip

Where 10.1.1.1 is your call manager. You will see sip calls fail because
the sip inspection doesn't support static pat.

*Workaround:*

Configure a one to one static for your call manager like this:

static (inside,outside) 1.2.3.4 10.1.1.1

On Fri, Jul 13, 2012 at 9:02 AM, Erick <ewellnitzvoip at gmail.com> wrote:

> We have it working but I don't have access to the FW.  I'll see if I can
> get the security team to enlighten me.
>
>
> On Jul 12, 2012, at 8:41 PM, Ted Nugent <tednugent73 at gmail.com> wrote:
>
> Any chance of getting this working without CUBE? This is a lab environment
> to an external SIP provider
> Outbound calls are working without a hitch but internal are getting 404
> errors becuase the invite has my external IP.
> These are NATed through an ASA with the information below. Any and all
> help is appreciated!
> CUCM 8.5
>
> Provider PBX: 10.10.10.10
> My external IP: 10.20.20.20 - ASA outside
> CM Address: 192.168.2.225 - internal network
> called# 9195551212 - assigned to an IP phone
> Calling# 9194755555 - PSTN Number
>
> SIP/2.0 404 Not Found
> Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK615f910f;rport
> From: "9194755555" <sip:9194755555 at 10.10.10.10>;tag=as2bb2da19
> To: <sip:9195551212 at 10.20.20.20
> >;tag=32~d17116a5-4521-4eab-b0b1-1592b390b4a2-32411046
> Date: Fri, 13 Jul 2012 00:29:16 GMT
> Call-ID: 571cb73b62128c9b25faa9530644ae92 at 10.10.10.10
> CSeq: 102 INVITE
> Allow-Events: presence
> Reason: Q.850;cause=1
> Content-Length: 0
>
> |1,100,230,1.68^10.10.10.10^*
> 20:29:16.485 |//SIP/SIPUdp/wait_UdpDataInd: Incoming SIP UDP message size
> 448 from 10.10.10.10:[5060]:
> [130,NET]
> ACK sip:9195551212 at 10.20.20.20 SIP/2.0
> Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK615f910f;rport
> Max-Forwards: 70
> From: "9194755555" <sip:9194755555 at 10.10.10.10>;tag=as2bb2da19
> To: <sip:9195551212 at 10.20.20.20
> >;tag=32~d17116a5-4521-4eab-b0b1-1592b390b4a2-32411046
> Contact: <sip:9194755555 at 10.10.10.10>
> Call-ID: 571cb73b62128c9b25faa9530644ae92 at 10.10.10.10
> CSeq: 102 ACK
> User-Agent: Asterisk PBX 1.6.2.13
> Content-Length: 0
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20120713/ae7555ca/attachment.html>


More information about the cisco-voip mailing list