Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
440
Views
1
Helpful
5
Replies

CME 3.2 Over VPN unable to register

craig.corbett
Level 2
Level 2

‎10-04-2007 12:36 AM - edited ‎03-14-2019 11:53 PM

Hi, I have setup a CME 3.2 system at work with 2 phones on can call between no problem.

On the single switch at work both phones register successfully to the CME router and I?m able to place calls to and from each other. At another location I have an 1801 router with a point to point VPN to the office Pix.

On the 1801 router I have set option 150 to point the CME router. When I plug the phone into the 1801, I get the following message on the CME router and the phone fails to register. The phone keeps on trying to register and the same message appears.

Oct 4 09:14:35.457: %IPPHONE-6-REG_ALARM: Name=SEP000E386DCFEB Load=CP79050101S

CCP030530B.zup Last=Initialized

Oct 4 09:14:35.457: %IPPHONE-6-REGISTER: ephone-2:SEP000E386DCFEB IP:192.168.1.

53 Socket:2 DeviceType:Phone has registered.

Oct 4 09:14:36.475: %IPPHONE-6-UNREGISTER_ABNORMAL: ephone-2:SEP000E386DCFEB IP

:192.168.1.53 Socket:2 DeviceType:Phone has unregistered abnormally.

MY setup:

192.168.103.X ------- 2950 Switch ----- CME Router

|

Pix External IP (DHCP for 192.168.103.X LAN)

|

IP Sec VPN

|

1801 External IP (DHCP for 192.168.1.X LAN with option 150 pointing at CME)

|

192.168.1.X

Any pointers will be greatly appreciated.

Thanks

Craig.

Labels:
0 Helpful
5 Replies 5

vmoopeung
Level 5
Level 5

‎10-10-2007 05:58 AM

The Cisco IOS Firewall did not previously support Skinny inspection, because outgoing packets are converted to H323 or SIP. As a result, there is no need for Skinny inspection. However, ACLs can be used to filter out unwanted packets/traffic as a way to support incoming Skinny packet inspection. Cisco IOS Firewall has added H.323 inspection support for any locally generated traffic, thus making it possible to deploy Cisco Unified CME and IOS Firewall on the same router.

http://www.cisco.com/en/US/products/sw/voicesw/ps4625/products_implementation_design_guide_chapter09186a00805f07a8.html

craig.corbett
Level 2
Level 2
In response to vmoopeung

‎10-12-2007 03:18 AM

Thanks for the info but the IOS firewall is not enabled on the 1801 ?

0 Helpful

paolo bevilacqua
Hall of Fame
Hall of Fame

‎10-12-2007 04:10 AM

Hi,

from a PC on the remote lan, try:

telnet 2000.

If it fails, you have VPN issues, likely in the PIX config. that has many access-lists to set correctly.

0 Helpful

craig.corbett
Level 2
Level 2
In response to paolo bevilacqua

‎10-16-2007 12:30 AM

Hi, I can telnet cme-address 2000.

Its not a problem with multicast is it ?

0 Helpful

craig.corbett
Level 2
Level 2
In response to craig.corbett

‎10-16-2007 12:41 AM

I think tftp may be timing out, any ideas ?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents