cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
604
Views
0
Helpful
5
Replies

CUVA site-to-site

recep.sefer
Level 1
Level 1

I have two CME sites connected by VPN and H.323

CUVA does not work accross two sites

Please Help

5 Replies 5

gogasca
Level 10
Level 10

Are you allowing all IP traffic?

Any inspection performed in the VPN tunnel?

which devices you use for the tunnel ?

I am allowing all IP traffic

No inspection

I am using cisco 2851 routers on both sites

I want to learn How CUVA works?

Which TCP/IP ports does it use?

Here is my config

!

voice service voip

allow-connections h323 to h323

allow-connections h323 to sip

allow-connections sip to h323

allow-connections sip to sip

no supplementary-service h450.2

no supplementary-service h450.3

supplementary-service h450.12

h323

sip

registrar server expires max 3600 min 3600

!

crypto isakmp policy 1

hash md5

authentication pre-share

lifetime 3600

crypto isakmp key 12345678 address x.x.x.x

!

crypto ipsec transform-set cm-transformset-1 esp-des esp-md5-hmac

!

crypto map cm-cryptomap local-address GigabitEthernet0/1

crypto map cm-cryptomap 1 ipsec-isakmp

set peer x.x.x.x

set transform-set cm-transformset-1

match address 100

qos pre-classify

!

!

class-map match-all STREAMING-VIDEO

match access-group name GUVENLIK-KAMERA

class-map match-all BULK-DATA

match ip dscp af11 af12

class-map match-all INTERACTIVE-VIDEO

match ip dscp af41 af42

class-map match-all VOICE

match ip dscp ef

class-map match-all MISSION-CRITICAL-DATA

match ip dscp 25

class-map match-all SCAVENGER

match ip dscp cs1

class-map match-all NET-MGMT

match ip dscp cs2

class-map match-any INTERNETWORK-CONTROL

match ip dscp cs6

match access-group name IKE

class-map match-any CALL-SIGNALING

match ip dscp cs3

match ip dscp af31

class-map match-all TRANSACTIONAL-DATA

match ip dscp af21 af22

!

!

policy-map QOSBASELINE-V3PN-EDGE

class VOICE

priority percent 18

class INTERACTIVE-VIDEO

priority percent 15

class CALL-SIGNALING

bandwidth percent 5

class INTERNETWORK-CONTROL

bandwidth percent 5

class NET-MGMT

bandwidth percent 2

class MISSION-CRITICAL-DATA

bandwidth percent 10

queue-limit 6 packets

class TRANSACTIONAL-DATA

bandwidth percent 5

queue-limit 3 packets

class STREAMING-VIDEO

bandwidth percent 10

queue-limit 6 packets

class BULK-DATA

bandwidth percent 4

queue-limit 3 packets

class SCAVENGER

bandwidth percent 1

queue-limit 1 packets

class class-default

bandwidth percent 25

queue-limit 16 packets

!

interface Loopback0

ip address 10.1.10.2 255.255.255.0

!

interface GigabitEthernet0/0

ip address 192.168.0.200 255.255.255.0

no ip mroute-cache

duplex auto

speed auto

h323-gateway voip interface

h323-gateway voip bind srcaddr 192.168.0.200

!

interface GigabitEthernet0/1

bandwidth 5000

ip address x.x.x.x 255.255.255.240

ip access-group 150 in

ip access-group 150 out

duplex auto

speed auto

crypto map cm-cryptomap

service-policy output QOSBASELINE-V3PN-EDGE

!

interface Service-Engine1/0

ip unnumbered Loopback0

service-module ip address 10.1.10.1 255.255.255.0

service-module ip default-gateway 10.1.10.2

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 x.x.x.x

ip route 10.1.10.1 255.255.255.255 Service-Engine1/0

ip route 192.168.1.0 255.255.255.0 192.168.0.1

!

!

!

ip access-list extended GUVENLIK-KAMERA

permit tcp any eq 5100 any

ip access-list extended IKE

permit udp any eq isakmp any eq isakmp

!

access-list 100 permit ip 192.168.0.0 0.0.0.255 192.168.2.0 0.0.0.255

access-list 100 permit ip 10.1.10.0 0.0.0.255 192.168.2.0 0.0.0.255

access-list 100 permit ip 192.168.0.0 0.0.0.255 10.2.10.0 0.0.0.255

access-list 100 permit ip 10.1.10.0 0.0.0.255 10.2.10.0 0.0.0.255

access-list 100 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255

access-list 100 permit ip 192.168.1.0 0.0.0.255 10.2.10.0 0.0.0.255

!

telephony-service

sdspfarm units 4

sdspfarm tag 1 mtp00097c5e9ce0

conference hardware

video

maximum bit-rate 512

no auto-reg-ephone

em logout 0:0 0:0 0:0

fxo hook-flash

max-ephones 96

max-dn 192

ip source-address 192.168.0.200 port 2000

Hi

I have the video call working fine between two CME sites.

I have CME 4.2 with following Config

#voice service voip

h323

h323 slow start

#telephony-service

service phone videoCapability 1

(videoCapability keyword is case sensitive)

#ephone 1

video

Would you be able to post your config? I am having a similar issue.

Thanks,

Mark

If two CUVA are in the same subnet, NO PROBLEM.

If they are connected through IPSEC VPN, there is no video.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: