Yep configuring it like this worked like a champ... but bye bye inbound VPN, SSL etc until they get it fixed since i only have a single external IP<br><br><div class="gmail_quote">On Fri, Jul 13, 2012 at 4:06 PM, Matt Slaga (AM) <span dir="ltr"><<a href="mailto:matt.slaga@dimensiondata.com" target="_blank">matt.slaga@dimensiondata.com</a>></span> wrote:<br>
<blockquote style="margin:0px 0px 0px 0.8ex;padding-left:1ex;border-left-color:rgb(204,204,204);border-left-width:1px;border-left-style:solid" class="gmail_quote"><div lang="EN-US" vlink="purple" link="blue"><div><p class="MsoNormal">
<span style="color:rgb(31,73,125);font-family:"Calibri","sans-serif";font-size:11pt">I’m using static NAT for one of our labs and it’s working well.<span> </span>It does rewrite the SIP packet as necessary which works most of the time.<span> </span><u></u><u></u></span></p>
<p class="MsoNormal"><span style="color:rgb(31,73,125);font-family:"Calibri","sans-serif";font-size:11pt"><u></u> <u></u></span></p><div><div style="border-width:1pt medium medium;border-style:solid none none;border-color:rgb(181,196,223) currentColor currentColor;padding:3pt 0in 0in">
<p class="MsoNormal"><a name="13881f37daddd0df__MailOriginal"><b><span style="font-family:"Tahoma","sans-serif";font-size:10pt">From:</span></b></a><span><span style="font-family:"Tahoma","sans-serif";font-size:10pt"> <a href="mailto:cisco-voip-bounces@puck.nether.net" target="_blank">cisco-voip-bounces@puck.nether.net</a> [mailto:<a href="mailto:cisco-voip-bounces@puck.nether.net" target="_blank">cisco-voip-bounces@puck.nether.net</a>] <b>On Behalf Of </b>Ted Nugent<br>
<b>Sent:</b> Friday, July 13, 2012 2:40 PM<br><b>To:</b> Erick</span></span><div class="im"><br><b>Cc:</b> Cisco VoIPoE List<br><b>Subject:</b> Re: [cisco-voip] NATed SIP trunk direct to CM (no CUBE)<u></u><u></u></div><p>
</p></p></div></div><p class="MsoNormal"><span><u></u> <u></u></span></p><p style="margin-bottom:12pt" class="MsoNormal"><span><u></u> <u></u></span></p><div><p class="MsoNormal"><span>Well unfortunately as expected it's a bug with no fix yet, only a work around (release pending)<u></u><u></u></span></p>
</div><div><p class="MsoNormal"><span> <u></u><u></u></span></p></div><div><p class="MsoNormal"><span></span><a href="http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtj14677&from=summary" target="_blank"><span>http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtj14677&from=summary</span><span></span></a><span><u></u><u></u></span></p>
</div><div><p class="MsoNormal"><span> <u></u><u></u></span></p></div><div><table style="width:100%" border="0" cellpadding="0" width="100%"><tbody><tr><td style="padding:6pt" colspan="2"><p class="MsoNormal"><span><strong><span style="font-size:10.5pt">DOC: SIP inspection is not supported with static PAT </span></strong></span><span><span style="font-size:10.5pt"><u></u><u></u></span></span></p>
</td><td><span></span></td></tr><tr><td style="padding:0in 6pt 6pt" valign="top"><p class="MsoNormal"><span><b><span style="font-size:10.5pt">Symptom:</span></b></span><span><span style="font-size:10.5pt"><br><br>DOC: This is a Documentation bug.<br>
<br>SIP inspection will not work with static pat. The inspection engine will not rewrite the packet if static pat is configured. <br><br><b>Conditions:</b><br><br>Any version of ASA software. If you configure:<br><br>static (inside,outside) udp interface sip 10.1.1.1 sip<br>
<br>Where 10.1.1.1 is your call manager. You will see sip calls fail because the sip inspection doesn't support static pat. <br><br><b>Workaround:</b><br><br>Configure a one to one static for your call manager like this:<br>
<br>static (inside,outside) 1.2.3.4 10.1.1.1<u></u><u></u></span></span></p></td><td><span></span><td style="padding:3.75pt"><span></span></td><td><span></span></td></td></tr></tbody></table><p style="margin-bottom:12pt" class="MsoNormal">
<span><u></u> <u></u></span></p></div><div><p class="MsoNormal"><span>On Fri, Jul 13, 2012 at 9:02 AM, Erick <</span><a href="mailto:ewellnitzvoip@gmail.com" target="_blank"><span>ewellnitzvoip@gmail.com</span><span></span></a><span>> wrote:<u></u><u></u></span></p>
<blockquote style="border-width:medium medium medium 1pt;border-style:none none none solid;border-color:currentColor currentColor currentColor rgb(204,204,204);margin:5pt 0in 5pt 4.8pt;padding:0in 0in 0in 6pt"><div><div><p class="MsoNormal">
<span>We have it working but I don't have access to the FW. I'll see if I can get the security team to enlighten me.<u></u><u></u></span></p><div><div><p style="margin-bottom:12pt" class="MsoNormal"><span><br><br>
On Jul 12, 2012, at 8:41 PM, Ted Nugent <</span><a href="mailto:tednugent73@gmail.com" target="_blank"><span>tednugent73@gmail.com</span><span></span></a><span>> wrote:<u></u><u></u></span></p></div></div></div><div>
<div><blockquote style="margin-top:5pt;margin-bottom:5pt"><div><div><p class="MsoNormal"><span>Any chance of getting this working without CUBE? This is a lab environment to an external SIP provider<br>Outbound calls are working without a hitch but internal are getting 404 errors becuase the invite has my external IP.<br>
These are NATed through an ASA with the information below. Any and all help is appreciated!<u></u><u></u></span></p></div><div><p class="MsoNormal"><span>CUCM 8.5<u></u><u></u></span></p></div><p><span>Provider PBX: 10.10.10.10<br>
My external IP: 10.20.20.20 - ASA outside<br>CM Address: 192.168.2.225 - internal network<br>called# </span><a href="tel:9195551212" target="_blank"><span>9195551212</span><span></span></a><span> - assigned to an IP phone<br>
Calling# </span><a href="tel:9194755555" target="_blank"><span>9194755555</span><span></span></a><span> - PSTN Number<u></u><u></u></span></p><p><span>SIP/2.0 404 Not Found<br>Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK615f910f;rport<br>
From: "</span><a href="tel:9194755555" target="_blank"><span>9194755555</span><span></span></a><span>" <</span><a href="mailto:sip%3A9194755555@10.10.10.10" target="_blank"><span>sip:</span><span></span></a><a href="mailto:9194755555@10.10.10.10" target="_blank"><span>9194755555@10.10.10.10</span><span></span></a><span>>;tag=as2bb2da19<br>
To: <</span><a href="mailto:sip%3A9195551212@10.20.20.20" target="_blank"><span>sip:</span><span></span></a><a href="mailto:9195551212@10.20.20.20" target="_blank"><span>9195551212@10.20.20.20</span><span></span></a><span>>;tag=32~d17116a5-4521-4eab-b0b1-1592b390b4a2-32411046<br>
Date: Fri, 13 Jul 2012 00:29:16 GMT<br>Call-ID: </span><a href="mailto:571cb73b62128c9b25faa9530644ae92@10.10.10.10" target="_blank"><span>571cb73b62128c9b25faa9530644ae92@10.10.10.10</span><span></span></a><span><br>CSeq: 102 INVITE<br>
Allow-Events: presence<br>Reason: Q.850;cause=1<br>Content-Length: 0<u></u><u></u></span></p><p><span>|1,100,230,1.68^10.10.10.10^*<br>20:29:16.485 |//SIP/SIPUdp/wait_UdpDataInd: Incoming SIP UDP message size 448 from 10.10.10.10:[5060]:<br>
[130,NET]<br>ACK </span><a href="mailto:sip%3A9195551212@10.20.20.20" target="_blank"><span>sip:</span><span></span></a><a href="mailto:9195551212@10.20.20.20" target="_blank"><span>9195551212@10.20.20.20</span><span></span></a><span> SIP/2.0<br>
Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK615f910f;rport<br>Max-Forwards: 70<br>From: "</span><a href="tel:9194755555" target="_blank"><span>9194755555</span><span></span></a><span>" <</span><a href="mailto:sip%3A9194755555@10.10.10.10" target="_blank"><span>sip:</span><span></span></a><a href="mailto:9194755555@10.10.10.10" target="_blank"><span>9194755555@10.10.10.10</span><span></span></a><span>>;tag=as2bb2da19<br>
To: <</span><a href="mailto:sip%3A9195551212@10.20.20.20" target="_blank"><span>sip:</span><span></span></a><a href="mailto:9195551212@10.20.20.20" target="_blank"><span>9195551212@10.20.20.20</span><span></span></a><span>>;tag=32~d17116a5-4521-4eab-b0b1-1592b390b4a2-32411046<br>
Contact: <</span><a href="mailto:sip%3A9194755555@10.10.10.10" target="_blank"><span>sip:</span><span></span></a><a href="mailto:9194755555@10.10.10.10" target="_blank"><span>9194755555@10.10.10.10</span><span></span></a><span>><br>
Call-ID: </span><a href="mailto:571cb73b62128c9b25faa9530644ae92@10.10.10.10" target="_blank"><span>571cb73b62128c9b25faa9530644ae92@10.10.10.10</span><span></span></a><span><br>CSeq: 102 ACK<br>User-Agent: Asterisk PBX 1.6.2.13<br>
Content-Length: 0<u></u><u></u></span></p></div></blockquote></div></div><blockquote style="margin-top:5pt;margin-bottom:5pt"><div><p class="MsoNormal"><span>_______________________________________________<br>cisco-voip mailing list<br>
</span><a href="mailto:cisco-voip@puck.nether.net" target="_blank"><span>cisco-voip@puck.nether.net</span><span></span></a><span><br></span><a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank"><span>https://puck.nether.net/mailman/listinfo/cisco-voip</span><span></span></a><span><u></u><u></u></span></p>
</div></blockquote></div></blockquote></div><p class="MsoNormal"><span><br><br><br><span style="color:white">itevomcid</span> </span><u></u><u></u></p></div></div></blockquote></div><br>