gogasca Thu, 01/01/2009 - 14:59
User Badges:
  • Green, 3000 points or more

Are you allowing all IP traffic?

Any inspection performed in the VPN tunnel?

which devices you use for the tunnel ?

recep.sefer Fri, 01/09/2009 - 03:31
User Badges:

I am allowing all IP traffic

No inspection

I am using cisco 2851 routers on both sites


I want to learn How CUVA works?

Which TCP/IP ports does it use?



Here is my config



!

voice service voip

allow-connections h323 to h323

allow-connections h323 to sip

allow-connections sip to h323

allow-connections sip to sip

no supplementary-service h450.2

no supplementary-service h450.3

supplementary-service h450.12

h323

sip

registrar server expires max 3600 min 3600

!

crypto isakmp policy 1

hash md5

authentication pre-share

lifetime 3600

crypto isakmp key 12345678 address x.x.x.x

!

crypto ipsec transform-set cm-transformset-1 esp-des esp-md5-hmac

!

crypto map cm-cryptomap local-address GigabitEthernet0/1

crypto map cm-cryptomap 1 ipsec-isakmp

set peer x.x.x.x

set transform-set cm-transformset-1

match address 100

qos pre-classify

!

!

class-map match-all STREAMING-VIDEO

match access-group name GUVENLIK-KAMERA

class-map match-all BULK-DATA

match ip dscp af11 af12

class-map match-all INTERACTIVE-VIDEO

match ip dscp af41 af42

class-map match-all VOICE

match ip dscp ef

class-map match-all MISSION-CRITICAL-DATA

match ip dscp 25

class-map match-all SCAVENGER

match ip dscp cs1

class-map match-all NET-MGMT

match ip dscp cs2

class-map match-any INTERNETWORK-CONTROL

match ip dscp cs6

match access-group name IKE

class-map match-any CALL-SIGNALING

match ip dscp cs3

match ip dscp af31

class-map match-all TRANSACTIONAL-DATA

match ip dscp af21 af22

!

!

policy-map QOSBASELINE-V3PN-EDGE

class VOICE

priority percent 18

class INTERACTIVE-VIDEO

priority percent 15

class CALL-SIGNALING

bandwidth percent 5

class INTERNETWORK-CONTROL

bandwidth percent 5

class NET-MGMT

bandwidth percent 2

class MISSION-CRITICAL-DATA

bandwidth percent 10

queue-limit 6 packets

class TRANSACTIONAL-DATA

bandwidth percent 5

queue-limit 3 packets

class STREAMING-VIDEO

bandwidth percent 10

queue-limit 6 packets

class BULK-DATA

bandwidth percent 4

queue-limit 3 packets

class SCAVENGER

bandwidth percent 1

queue-limit 1 packets

class class-default

bandwidth percent 25

queue-limit 16 packets

!

interface Loopback0

ip address 10.1.10.2 255.255.255.0

!

interface GigabitEthernet0/0

ip address 192.168.0.200 255.255.255.0

no ip mroute-cache

duplex auto

speed auto

h323-gateway voip interface

h323-gateway voip bind srcaddr 192.168.0.200

!

interface GigabitEthernet0/1

bandwidth 5000

ip address x.x.x.x 255.255.255.240

ip access-group 150 in

ip access-group 150 out

duplex auto

speed auto

crypto map cm-cryptomap

service-policy output QOSBASELINE-V3PN-EDGE

!

interface Service-Engine1/0

ip unnumbered Loopback0

service-module ip address 10.1.10.1 255.255.255.0

service-module ip default-gateway 10.1.10.2

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 x.x.x.x

ip route 10.1.10.1 255.255.255.255 Service-Engine1/0

ip route 192.168.1.0 255.255.255.0 192.168.0.1

!

!

!

ip access-list extended GUVENLIK-KAMERA

permit tcp any eq 5100 any

ip access-list extended IKE

permit udp any eq isakmp any eq isakmp

!

access-list 100 permit ip 192.168.0.0 0.0.0.255 192.168.2.0 0.0.0.255

access-list 100 permit ip 10.1.10.0 0.0.0.255 192.168.2.0 0.0.0.255

access-list 100 permit ip 192.168.0.0 0.0.0.255 10.2.10.0 0.0.0.255

access-list 100 permit ip 10.1.10.0 0.0.0.255 10.2.10.0 0.0.0.255

access-list 100 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255

access-list 100 permit ip 192.168.1.0 0.0.0.255 10.2.10.0 0.0.0.255

!

telephony-service

sdspfarm units 4

sdspfarm tag 1 mtp00097c5e9ce0

conference hardware

video

maximum bit-rate 512

no auto-reg-ephone

em logout 0:0 0:0 0:0

fxo hook-flash

max-ephones 96

max-dn 192

ip source-address 192.168.0.200 port 2000

simranjeet.singh Fri, 01/09/2009 - 04:08
User Badges:

Hi

I have the video call working fine between two CME sites.

I have CME 4.2 with following Config


#voice service voip

h323

h323 slow start


#telephony-service

service phone videoCapability 1

(videoCapability keyword is case sensitive)

#ephone 1

video


Mark Yeates Tue, 01/13/2009 - 10:12
User Badges:
  • Gold, 750 points or more

Would you be able to post your config? I am having a similar issue.


Thanks,

Mark

recep.sefer Fri, 01/09/2009 - 04:35
User Badges:

If two CUVA are in the same subnet, NO PROBLEM.

If they are connected through IPSEC VPN, there is no video.


Actions

This Discussion