This is a somewhat broad question, but i am going post it anyway and see if anyone can comment, as i feel it may relate to an incorrect NAT statement. I have a telephone system sitting behind the ASA, which i've NAT'd inbound and outbound to an internet address.
static (inside,outside) 184.108.40.206 10.0.0.7 netmask 255.255.255.255
nat (inside) 1 10.0.0.7 255.255.255.255
global (outside) 1 220.127.116.11
This is the way I normally do the NAT to make the traffic match the same IP both inbound and outbound. I am now unsure if this is the correct way to go about things. Here is the problem i am running into.
A (remote) telephone boots up, grabs an IP, and registers with the phone system. All is well, except for when a call is made and there is no audio. All of the necessary ports are open (on both ends, here it is a 2800 ISR with the firewall enabled) and for testing purposes an ip any any statement was added. So here is the problem..
The phone registers, and in a capture you can see the local address of the phone communicating with the internet routeable address of the phone system. All is well.. However, once the RTP stream initiates the local telephone is now communicating with the inside address of the phone system and i feel that is the bottleneck.
Does anyone see anything wrong with the NAT config ? I am assuming the media stream should be between each end point and not the system, but im not quite sure if the protocol is proprietary (more than likely is) and may work differently.