Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
229
Views
0
Helpful
1
Replies

ISSUE :: traffic from inside_LAN to Outside_Internet

ronald.ramzy
Level 1
Level 1

‎06-03-2009 06:07 AM - edited ‎03-11-2019 08:39 AM

Hi,

Voice application and another trade application running on port 10200 doesnt seems to work behind firewall

((INTERNET))--[Router]---[Firewall]---[Core]

the firewall is used for hosting Web server & site to site vpn ( natting public ip with private )

We have Two access-list

ACL_Outside ( natting traffic )

ACL_NONAT ( not to nat VPN Traffic )

any traffic from user goes to core then to firewall, i do not have inside access-list so the above two program should work.

any clue

Labels:
0 Helpful
1 Reply 1

Kureli Sankar
Cisco Employee
Cisco Employee

‎06-05-2009 06:44 AM

Most voice traffic initiates a connection via a diff. port that needs to be opened on the outside interface facing the internet. This doesn't look like anything standard that we would have inspection for which would automatically open pin holes for connections initiated from the outside.

So, check the logs

conf t

logging enable

loggin buffered 7

exit

sh logg | i x.x.x.x

where x.x.x.x is the IP address that these voice call go to on the outside.

That may give some clue as to whether the acl applied on the outside is dropped these due to lack of permission.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card