I just thought I would check here, are there any known issues with SIP in the new EA pack? I have installed it on the new system, and am having the following issues:
Outbound calls work for a period of 10 minutes or so after rebooting our DSL modem. After that, calls fail. After working with the trunk provider, it looks like our source ports are getting changed. The source port of the invite messages is very high when it is working, then when it stops working our invite messages are coming from a 5090-5092 port. The provider responds on that port, but it looks like we arent listening on it, so we do not get the replys. I have opened up our ACL to any UDP traffic from the provider, no change. I think the system is just not listening on the same port as the invites are going out on. Could be the DSL modem changing the ports, see my note about the modem below.
Inbound calls have never worked, failing with a 500 - internal server error coming from our UC520. Neither the sip provider or cisco TAC knows why this is happening so far.
I have had two TAC engineers working on it for about an hour each, they couldnt give me an answer. They didnt even see the port issue that the sip provider did.
I have not ruled out the DSL modem. it is a Motorola 3347, which looks like a newer version of the Netopia 3347. I have another voice install with the netopia modem working fine. It may have something to do with this motorola modem. I have disabled it's firewall, and also had to add our public ips to its statefull inspection 'exposed IPs' section just to be able to open inbound ports. I have never had to do this with a netopia router before.
Anyone have any idea?
So all this was via CLI - as I think the CCA config pushed down is different. If so - you want to add incoming SIP Trunk dial peers for the individual DID - example is below:
dial-peer voice 10000 voip
description ** Incoming call from SIP trunk (Generic SIP Trunk Provider) for DID 14085551000 **
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
session protocol sipv2
session target sip-server
incoming called-number 14085551000
ip qos dscp cs5 media
ip qos dscp cs4 signaling
Repeat for every DID (change the dial peer tag)
- Can you provide the TAC case numbers
- Also the version, config and logs for any of the above failed cases (inbound or outbound) would also be useful
It appears from your description that as the SIP INVITEs from the UC520 use ephemeral or random source ports (anything from 1024 to 65535) the NAT router is not able to keep the pin holes active and things start failing. There is an option in CLI to force the source port on the UC520 to always be the listening port i.e. UDP 5060. Check section 4.4.12 on the below doc:
If the provider requires that SIP traffic always be sourced from the UC520 using TCP or
UDP port 5060, this can be changed at a system level as below:
This may help with outbound - inbound I would need to check the logs.