10-29-2008 10:06 PM - edited 03-11-2019 07:05 AM
I have a new customer running an ASA 5520 who runs videoconferences from inside to external sites and the reverse using H.323. Everything works fine until the conference is up for 2 hours, then without exception, whatever type of conference it is (inbound or outbound) or whichever videoconferencing unit is in use, it disconnects the session. It can be immediately re-established and runs fine for another 2 hours, then it drops again, etc, etc. The conferences are direct, no gatekeeper or RAS involved.
The 5520 is acting as a firewall with overload NAT on its outside interface. I'm more of a voice person, and I haven't been able to find documentation about any kind of timeout that might cause this, so wanted to see if some of you security guys could lend your expertise as to any possible causes.
Thanks!
J
10-30-2008 09:30 AM
Regrading the firewall. Have you checked your timeout values
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
Do you have any firewall logs? Examine the syslogs related to your conference. What is the reason for the disconnect?
Rick
12-23-2008 11:48 AM
What version of the ASA OS are you running?
Todd
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: