I have a scenario wherein SIP sessions need to be established across FWSM. The following is the scenario:-
On the FWSM there is a DMZ on which all voice devices reside which includes cal manager, voice routers and ip phones.The voice routers are on HSRP with 192.168.3.254 as virtual ip address.SIP sesison will be initiaied by the Voice router to a public IP address of the provider say A.A.A.A. i.e. the SRC=B.B.B.B DEST=A.A.A.A (Outgoing). Here B.B.B.B is a public IP address in our range. We will get incoming calls as SRC=A.A.A.A DEST=B.B.B.B.
A.A.A.A = Provider SIP Public Ip address
B.B.B.B = Our SIP Public IP address
Outgoing Call SRC=B.B.B.B ----~ DEST=A.A.A.A
(Session initiated by dmz Voice router)
Incoming Call SRC=A.A.A.A ----~ DEST=B.B.B.B
This means that there is one public IP (B.B.B.B) from our side that is used for all SIP transactions (Incoming and Outgoing).Also one public IP (A.A.A.A) used by the ISP for all SIP transactions. (Incoming and Outgoing).
The following is the configuration that i tried out:-
You are doing a translation for UDP but the error message indicates that the ISP is sending 'TCP' data. Why don't you just do a simple one to one static mapping? And do any access-control required using ACLs. Using port rediction for voice is not that advisable anyway.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...