Allowing Voip Calls On ASA

Unanswered Question
Aug 22nd, 2010

Hello Experts,

I have some internal users behind the ASA using Action Voip to make international calls. To allow them making calls I have to open full access through. That i want to stop it now. Please can anyone help to allow Action voip.
Any help will be appreciated.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jennifer Halim Sun, 08/22/2010 - 19:47

I believe Active voip uses SIP as the voice protocol, and SIP inspection is normally enabled by default on ASA unless you disable it.

All you need to allow for the traffic to pass through is call signalling and for SIP it's on port 5060 (not sure whether Action uses TCP or UDP, but feel free to open both TCP and UDP/5060 and check the hit count on the ACL to determine whether they use TCP or UDP SIP protocol).

You can check the output of "show service-policy" and look at the "SIP" inspection for the hit count too.

Here is explaination on SIP inspection for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/i2.html#wp1743169

Hope that helps.

Samir Shaikh Mon, 08/23/2010 - 03:00

I got the resolution

What I did is, I ran the Wireshark Protocol Anylyzer on the client PC before doing that I disconnected all the internet session and kept AcionVoip App running. After capturing the filters I noted the source and destination IP. However protocol information I got it from Actiovoip Website itself.

Further I create an acl and dynamic rule It was working then.

Thank you halijenn for  the comment and the useful information you gave. Really appreciated

Actions

This Discussion