So I have been trouble shooting this for a while.
Goal: having Cisco Jabber to work over 3G by connecting to ASA5505 using the iPhone AnyConnect client.
My diagram: iPhone (Jabber/AnyConnect) -> Internet -> ASA5505 -> UC540
ASA/UC540 Vlans: voice Vlan 10.1.1.0/24, data Vlan 192.168.1.0/24
The connection between the ASA and UC540 is trunk port allowing vlan 1 and 100 (data and voice)
ASA5505 AnyConnect address pool: 172.16.1.X/27
If I connect to the UC540 over wifi, Jabber works perfectly (all incoming, outgoing, and voicemail)
If I connect to the ASA5505 via 3G (AnyConnect client) and the iphone receives a 172.16.1.1 address, it can ping CME/CUE no problem but the Jabber client connect.
Here is the crazy part... if I change the AnyConnect address pool to be the same as the voice vlan (to 10.1.1.100-120 ensuring no IP address overlap) Jabber connects on the iPhone but messaging does not work - CUE can't access the iphone when it receives a 10.1.1.100 address assigned by the firewall.
Please help... I believe it's a routing issue. When running 'debug ip icmp' on the UC540 while trying to register with the iPhone, the debug shows:
003949: Oct 21 18:06:55.233: ICMP: dst (10.1.10.2) port unreachable sent to 172.16.1.1
strange... why is it sending port unreachable? I can ping 172.16.1.1 from CME and CUE no problem.
Sorry to say this is not supported, several of us have got it to work, but for me it all of a sudden drops the call. I'm not sure when it will be 100% supported but maybe someone from teh business unit can address that.
Part of the reason is the phone must be on the Voice VLAN (according to the docs) so I am not sure how you are bridging the voice vlan through the firewall in a routed configuration.