We've just installed a pair of failover 515Es to a site, and since the install, their remote IP Telephony users can't get a call to last more than about 40-50 seconds.
Here are some logs for an example connection:
The Server is behind the firewall on 10.133.8.205
The IP Phone is Outside on 10.134.2.173
%PIX-6-302015: Built inbound UDP connection 8592979 for outside:10.134.2.173/32514 (10.134.2.173/32514) to inside:10.133.8.205/32548 (10.133.8.205/32548)
%PIX-6-302020: Built ICMP connection for faddr 10.134.2.173/0 gaddr 10.133.8.205/0 laddr 10.133.8.205/0
%PIX-6-302004: Pre-allocate H323 UDP backconnection for faddr 10.134.2.173/32514 to laddr 10.133.8.205
%PIX-6-302004: Pre-allocate H323 UDP backconnection for faddr 10.134.2.173/32515 to laddr 10.133.8.205
%PIX-6-302021: Teardown ICMP connection for faddr 10.134.2.173/0 gaddr 10.133.8.205/0 laddr 10.133.8.205/0
%PIX-6-302015: Built outbound UDP connection 8592994 for outside:10.134.2.173/32515 (10.134.2.173/32515) to inside:10.133.8.205/32549 (10.133.8.205/32549)
%PIX-6-302016: Teardown UDP connection 8592994 for outside:10.134.2.173/32515 to inside:10.133.8.205/32549 duration 0:00:39 bytes 1400
%PIX-6-302016: Teardown UDP connection 8592993 for outside:10.134.2.173/32515 to inside:10.133.8.205/0 duration 0:00:41 bytes 0
%PIX-6-302016: Teardown UDP connection 8592992 for outside:10.134.2.173/32514 to inside:10.133.8.205/0 duration 0:00:41 bytes 0
%PIX-6-302016: Teardown UDP connection 8592991 for outside:10.134.2.173/0 to inside:10.133.8.205/32548 duration 0:00:41 bytes 0
Can Anyone please advise what might be the problem?
What version of OS are you running on your 515E PIX's? I can't speak directly to your H323 problem, but I will share an odd problem we encountered on our ASA5520's running 7.2(2) and SCCP (skinny) VoIP. We found that if the inspect skinny eq 2000 was inabled, our call control would randomly break causing the remote phones that connected via vpns that terminated on the ASA's to reboot.
By disabling inspection of the Skinny port our problem stopped. You may want to investigate the H323 inspection configuration for your particular problem.
Ultimately if that resolves the problem, I suggest opening a TAC case as it is best to have the inspection enabled for VoIP traffic.