Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

ASA and H.323

Hello, colleagues,

I have some problems with configuring H.323 on ASA 5505 Version 7.2(1)

At the inside network there is a H.323 gateway with address

Static NAT is made that outside address X.X.X.X is forwarded to the inside address:

static (inside,outside) X.X.X.X netmask

ACL allow to pass traffic from particular H.323 gateways at the outside network.

There are inspect commands:

policy-map global_policy
class inspection_default
  inspect h323 h225
  inspect h323 ras

I run :

debug h323 h225 asn
debug h323 h225 event
debug h323 h245 asn
debug h323 h245 event

I see that ASA accept H.225 SETUP message, forward it to the inside address, received CALL PROCESSING from inside gateway, but don't forward it to the outside originating gateway.

After a period of time the outside originating gateway sends releaseComplete.

How to fix this issue? Is it possible that H.323 gateway at an inside network behind ASA works correctly with outside gateways?

I attached the debug output from the ASA.


Cisco Employee

Re: ASA and H.323

7.2.1 had some h323 inspection issues.

I would suggest to upgrade and try again.

I hope it helps.


Cisco Employee

Re: ASA and H.323

Probably CSCsm17247 resolved in 7.2.4

you can go to the above link login with your CCO ID and then key in this defect ID CSCsm17247


New Member

Re: ASA and H.323

Thank you, guys!

I will try to upgrade and post the results here.

New Member

Re: ASA and H.323

I have upgraded to Version 8.2(2), but it did not help

The behaviour is the same.

Going to change ASA to transparent mode operations to avoid NATing of H.323

Thanks for the answers.

Should anybody have experience or ideas about this issue, post here, please.

New Member

Re: ASA and H.323

Colleagues, the problem was with H.323 gateway, not with ASA.

Now it is solved.

Cisco Employee

Re: ASA and H.323

Thanks for letting us know. If it broke even after the upgrade - we were at a loss.


CreatePlease to create content