Configure ASA firewall to allow Voice over the VPN

Answered Question
Aug 3rd, 2008
User Badges:

I would like configure my firewall to allow IP Telephony services over the VPN. Kindly advice on what i need to do.

Correct Answer by Marwan ALshawi about 8 years 7 months ago

u didnt say if remote access vpn or site site?


any way the moste important thing is to know that the firewall in general not very good in QoS like a router

but u can put the voice traffic based on its prevously marked dscp or ip precedance

put them in priority queue


and also u have to enable h323 inspection

sccp inspection

alsp mgcp and

for all those call signaling u need to enable the option rtp-conformance under the h323,sccp parameters in the global_policy inspection


and dont forget to match the interesting traffic with the voice protocols like sccp and h323 for priority and vpn tunnel estblishmnet


i have given u a background now just follow the folowing link as it is simple and detaild regarding ur case


QoS for VoIP Traffic on VPN Tunnels :

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008080dfa7.shtml


PIX/ASA 7.x: Enable VoIP :

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008081042c.shtml


good luck


Please, Rate if helpful

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Marwan ALshawi Sun, 08/03/2008 - 06:08
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015

u didnt say if remote access vpn or site site?


any way the moste important thing is to know that the firewall in general not very good in QoS like a router

but u can put the voice traffic based on its prevously marked dscp or ip precedance

put them in priority queue


and also u have to enable h323 inspection

sccp inspection

alsp mgcp and

for all those call signaling u need to enable the option rtp-conformance under the h323,sccp parameters in the global_policy inspection


and dont forget to match the interesting traffic with the voice protocols like sccp and h323 for priority and vpn tunnel estblishmnet


i have given u a background now just follow the folowing link as it is simple and detaild regarding ur case


QoS for VoIP Traffic on VPN Tunnels :

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008080dfa7.shtml


PIX/ASA 7.x: Enable VoIP :

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008081042c.shtml


good luck


Please, Rate if helpful

Actions

This Discussion