[cisco-voip] NATed SIP trunk direct to CM (no CUBE)

Ted Nugent tednugent73 at gmail.com
Fri Jul 13 16:20:46 EDT 2012 

Yep configuring it like this worked like a champ... but bye bye inbound
VPN, SSL etc until they get it fixed since i only have a single external IP

On Fri, Jul 13, 2012 at 4:06 PM, Matt Slaga (AM) <
matt.slaga at dimensiondata.com> wrote:

> I’m using static NAT for one of our labs and it’s working well.  It does
> rewrite the SIP packet as necessary which works most of the time.  ****
>
> ** **
>
> *From:* cisco-voip-bounces at puck.nether.net [mailto:
> cisco-voip-bounces at puck.nether.net] *On Behalf Of *Ted Nugent
> *Sent:* Friday, July 13, 2012 2:40 PM
> *To:* Erick
>
> *Cc:* Cisco VoIPoE List
> *Subject:* Re: [cisco-voip] NATed SIP trunk direct to CM (no CUBE)****
>
> ** **
>
> ** **
>
> Well unfortunately as expected it's a bug with no fix yet, only a work
> around (release pending)****
>
>  ****
>
>
> http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtj14677&from=summary
> ****
>
>  ****
>
> *DOC: SIP inspection is not supported with static PAT *****
>
> *Symptom:*
>
> DOC: This is a Documentation bug.
>
> SIP inspection will not work with static pat. The inspection engine will
> not rewrite the packet if static pat is configured.
>
> *Conditions:*
>
> Any version of ASA software. If you configure:
>
> static (inside,outside) udp interface sip 10.1.1.1 sip
>
> Where 10.1.1.1 is your call manager. You will see sip calls fail because
> the sip inspection doesn't support static pat.
>
> *Workaround:*
>
> Configure a one to one static for your call manager like this:
>
> static (inside,outside) 1.2.3.4 10.1.1.1****
>
> ** **
>
> On Fri, Jul 13, 2012 at 9:02 AM, Erick <ewellnitzvoip at gmail.com> wrote:***
> *
>
> We have it working but I don't have access to the FW.  I'll see if I can
> get the security team to enlighten me.****
>
>
>
> On Jul 12, 2012, at 8:41 PM, Ted Nugent <tednugent73 at gmail.com> wrote:****
>
> Any chance of getting this working without CUBE? This is a lab environment
> to an external SIP provider
> Outbound calls are working without a hitch but internal are getting 404
> errors becuase the invite has my external IP.
> These are NATed through an ASA with the information below. Any and all
> help is appreciated!****
>
> CUCM 8.5****
>
> Provider PBX: 10.10.10.10
> My external IP: 10.20.20.20 - ASA outside
> CM Address: 192.168.2.225 - internal network
> called# 9195551212 - assigned to an IP phone
> Calling# 9194755555 - PSTN Number****
>
> SIP/2.0 404 Not Found
> Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK615f910f;rport
> From: "9194755555" <sip: <sip%3A9194755555 at 10.10.10.10>
> 9194755555 at 10.10.10.10>;tag=as2bb2da19
> To: <sip: <sip%3A9195551212 at 10.20.20.20>9195551212 at 10.20.20.20
> >;tag=32~d17116a5-4521-4eab-b0b1-1592b390b4a2-32411046
> Date: Fri, 13 Jul 2012 00:29:16 GMT
> Call-ID: 571cb73b62128c9b25faa9530644ae92 at 10.10.10.10
> CSeq: 102 INVITE
> Allow-Events: presence
> Reason: Q.850;cause=1
> Content-Length: 0****
>
> |1,100,230,1.68^10.10.10.10^*
> 20:29:16.485 |//SIP/SIPUdp/wait_UdpDataInd: Incoming SIP UDP message size
> 448 from 10.10.10.10:[5060]:
> [130,NET]
> ACK sip: <sip%3A9195551212 at 10.20.20.20>9195551212 at 10.20.20.20 SIP/2.0
> Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK615f910f;rport
> Max-Forwards: 70
> From: "9194755555" <sip: <sip%3A9194755555 at 10.10.10.10>
> 9194755555 at 10.10.10.10>;tag=as2bb2da19
> To: <sip: <sip%3A9195551212 at 10.20.20.20>9195551212 at 10.20.20.20
> >;tag=32~d17116a5-4521-4eab-b0b1-1592b390b4a2-32411046
> Contact: <sip: <sip%3A9194755555 at 10.10.10.10>9194755555 at 10.10.10.10>
> Call-ID: 571cb73b62128c9b25faa9530644ae92 at 10.10.10.10
> CSeq: 102 ACK
> User-Agent: Asterisk PBX 1.6.2.13
> Content-Length: 0****
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip****
>
>
>
>
> itevomcid ****
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20120713/db488a99/attachment.html>

More information about the cisco-voip mailing list