voip over wirless traffic won't triggle spoke-to-spoke security association

Unanswered Question
Oct 25th, 2008

Hi, I am facing a weird problem I don't have a theory...

The company I am working for develops voip over wireless products, employees have 851Ws at home which are configured as ezvpn clients, all ezvpn terminate at corp ASA5520, wireless devices get private IP address. When employees try to call each other at home, they often experience one-way audio problem, the root cause of the problem is that outbound SPI for spoke to spoke SA is 0x0, I understand that SA idles out but traffic will triggle new SAs being created. The weird part is that SA is always created by manually ping_ing remote spoke IP address from the 851W which has spoke to spoke SA's outbound SPI is 0x0, but the voice traffic to the same destination won't triggle SA creation, so even both parties keep talking, still two way audio won't recover.

Any thoughts on this?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
j.bourque Tue, 10/28/2008 - 12:49

is the command "same-security-traffic permit intra-interface" in your config on the 5520? Not positive this will help but may be worth a try. Please rate if this helps.

Actions

This Discussion