Need help for NAT, ACL for VoIP

Unanswered Question
Feb 24th, 2014
User Badges:

Dear experts

I configure my PBX server to work with one VoIP provider. When I put the server in blank network, mean that without VLANs.

The IP PBX server can register to the VoIP provider system normally and I can make call out and receive calls normally.

However,  when I put the PBX behind the Cisco router with some configuration. The  PBX cannot register with the VoIP provider system.

Eventhough I can receive calls from outside but can not make a call from inside to outside, because of the PBX cannot register.

Could you please help me to point out what is wrong with my Cisco router configuration.

Thanks a lot


Building configuration...


Current configuration : 1982 bytes

!

! Last configuration change at 17:18:27 UTC Mon Feb 24 2014

version 15.1

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

!

enable secret 5 $1$ZJEF$8np0QvQTD1nTaOosa9yGW1

!

no aaa new-model

memory-size iomem 20

!

no ipv6 cef

ip source-route

ip cef

!

!

!

!

!

multilink bundle-name authenticated

!

!

crypto pki token default removal timeout 0

!

!

license udi pid CISCO2911/K9 sn FTX1603AH9C

!

!

!

!

!

!

!

!

interface Embedded-Service-Engine0/0

no ip address

!

interface GigabitEthernet0/0

description internal-LAN

ip address x.x.x.4 255.255.0.0

ip nat inside

ip virtual-reassembly in

duplex auto

speed auto

!

interface GigabitEthernet0/1

no ip address

duplex auto

speed auto

!

interface GigabitEthernet0/1.1

encapsulation dot1Q 11

ip address 172.x.x.1 255.255.240.0

!

interface GigabitEthernet0/2

description internet

ip address 50.x.x.93 255.255.x.x

ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

!

ip forward-protocol nd

!

no ip http server

no ip http secure-server

!

ip nat inside source list 100 interface GigabitEthernet0/2 overload

ip nat inside source static udp x.x.x.8 5060 50.x.x.93 5060 extendable

ip route profile

ip route 0.0.0.0 0.0.0.0 50.x.x.94

ip route 172.16.240.0 255.255.x.0 x.x.x.5

ip route 172.16.242.0 255.255.x.0 x.x.x.5

!

access-list 100 permit ip x.x.0.0 0.0.255.255 any

access-list 100 permit ip 172.16.240.0 0.0.0.255 any

access-list 100 permit ip 172.16.242.0 0.0.0.255 any

access-list 100 permit udp any any range 5004 5090

access-list 100 permit udp any any range 10000 20000

!

!

!

control-plane

!

!

!

line con 0

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Vasilii Mikhail... Tue, 02/25/2014 - 11:10
User Badges:
  • Gold, 750 points or more

Hello.


Do you have the same static NAT mapping for TCP 5060?

Actions

This Discussion