Hi I have a question regarding allowing SIP traffic through an ASA.
I have the following situation.
'LAN A' with Call Manager and Phones <---> ASA 5520(running 8.3) <-----> internet <---> Another 3rd Party Firewall <---------> 'LAN B' 2 Cisco IP Phones
The remote phones in 'LAN B' will be configured to send SIP traffic to the Call Manager in 'LAN A'
Now I want to let my phones in the LAN make calls to the 2 Cisco IP Phones behind the other firewall.
To make calls FROM the 'LAN A' to the phones in 'LAN B' on the ASA 5520 I was thinking I need to;
1) Enable SIP inspection and RTSP inspection
2) Put in a static nat translation and ACE to expose the Cisco Call manager to the remote phones.
3) Put in a rule allowing outbound SIP Traffic to the remote phones.
4) Setup Proirity Queuing for VOIP.
My questions are
1) Does this sound sufficient from the point of view of the ASA 5520 configuration? If not, what am I missing?
2) From my understanding the SIP inspection will NAT the IP's of the phones for the RTP(voice) and open up pinholes. Does this mean I should not need to create any NAT's or ACL's for the RTP traffic? If this is true how does the SIP inspection decide what to NAT the phone IP's to for RTP traffic? I can't seem to find the answer anywhere.
3) Is the configuration similar if the traffic is Skinny instead?
Thanks in Advance.