CUCM ANN media resource and firewall

Unanswered Question
Jul 6th, 2009
User Badges:

I am running IP Communicator over a VPN connection to corp voip CUCM server.

I noticed that if I dialed a wrong number, I normally would hear "your call can not be completed, blah...", and now, I only hear fast busy. so the ANN media path being blocked somewhere.

when I use IP Communicator inside the Corp network (so without firewall), I can hear the prompt.

who could provide some clue regarding the ANN traffic/stream info at TCP/UDP port level?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
sheepate Mon, 07/06/2009 - 05:44
User Badges:

If you have firwall/routing problem, CUCM will allocate ANN but you will hear dead air.

If you hear busy, that is CUCM telling phone to play busy tone. CUCM did not allocate ANN.

Check MRGL/MRG settings for clues.

study_voip Mon, 07/06/2009 - 05:56
User Badges:

Thanks for reply.

ANN is in default MRGL, so can be reached from anywhere, any device pool and any IP communicator.

and when I work inside the network with IP communicator, no problem

parshah Mon, 07/06/2009 - 08:57
User Badges:
  • Cisco Employee,


In you firewall make sure you allow RTP between the IP of the ANN and the IPC over VPN.

Currently you are most likely allowing signalling (SCCP) only between the 2 IP. To be able to hear the ANN prompts, you should allow RTP as well.


study_voip Mon, 07/06/2009 - 09:24
User Badges:

very interesting point

with VPN connection, my IPC can make regular call without problem, so RTP I would say is allowed at least between my IPC and my gateway

so want to get some deep info regarding how ANN (TCP/UDP) works in this case

thanks again

parshah Mon, 07/06/2009 - 09:36
User Badges:
  • Cisco Employee,


The ANN is a device in CUCM that resides on the CUCM servers, just like MOH, and it is capable of transmitting RTP.

So for IPC across VPN to be able to hear prompts from ANN, you need to allow RTP from IP of the ANN, one of the CUCM servers, to the IP of IPC across VPN.

Now, depending on the MRG/MRGL, you could have ANN from any of CUCM server allocated. So, I would suggest allow RTP from IP of all your CUCM server to the IPC over VPN. This should take care of RTP for MOH as well.



This Discussion