Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
275
Views
0
Helpful
1
Replies

voip over wirless traffic won't triggle spoke-to-spoke security association

oldcreek12
Level 1
Level 1

‎10-25-2008 09:45 PM

Hi, I am facing a weird problem I don't have a theory...

The company I am working for develops voip over wireless products, employees have 851Ws at home which are configured as ezvpn clients, all ezvpn terminate at corp ASA5520, wireless devices get private IP address. When employees try to call each other at home, they often experience one-way audio problem, the root cause of the problem is that outbound SPI for spoke to spoke SA is 0x0, I understand that SA idles out but traffic will triggle new SAs being created. The weird part is that SA is always created by manually ping_ing remote spoke IP address from the 851W which has spoke to spoke SA's outbound SPI is 0x0, but the voice traffic to the same destination won't triggle SA creation, so even both parties keep talking, still two way audio won't recover.

Any thoughts on this?

Labels:
0 Helpful
1 Reply 1

j.bourque
Level 1
Level 1

‎10-28-2008 12:49 PM

is the command "same-security-traffic permit intra-interface" in your config on the 5520? Not positive this will help but may be worth a try. Please rate if this helps.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents