Help configuring BTnet and VoIP priority on ASA5510
We are about to install a BTnet 50mb leased line and need to configure our firewall to accept the new internet connection as well as prioritise traffic to the SIP platform.
This is what I have received from BT.
The BT SIP Trunk / BTnet service has the following requirements:
If address translation is required then SIP will only work with NAT and not PAT
The PBX will need to appear on the outside of the firewall with a RIPE IP address
Your PBX requires access to the BT SIP platform on IP address 85.xxx.xx.x using port numbers 5060 to 5061.
SIP ALG must be disabled
BT’s SIP Platform has an IP address of 85.xxx.xx.x. This address should be used to build the policies to support prioritisation i.e. traffic to and from this address should be prioritised over other competing traffic in your LAN infrastructure.
1. The incoming and outgoing BT SIP and VoIP (RTP) traffic should be prioritised over other traffic though the firewall.
2. If the SIP signalling and VoIP traffic traverses your LAN (e.g. between IP phones and PBX or between the PBX and the firewall) and competes with other traffic then it will need to be prioritised over that other traffic.
Has anyone set this up on the ASA5510 before and if so, could you help with some pointers to guide us through the below using the ASDM (command line if needed)?
The network routing sounds fine, but where do I need to check if SIP ALG is disabled?
What service policy settings should I use for the VoIP traffic? In the wizard i see...
Create service policy and apply to: Interface - The_Internet
Traffic Match Criteria: IP Precedence
Available IP Precedence: priority (1)?
Protocol Inspection: SIP?
QoS: Enable priority for this flow
Important Note: The SIP and VoIP (RTP) packets are not re-marked in terms of CoS, ToS, DSCP or any other Quality of Service markings.
Do I need to add a service policy for the 50mb leased line internet connection? In the past I have had to configure QoS Input policing for the commited rate and burst size - If I need to do this again, please can you advise on the best bit/second and burst configuration to use for 50mb (not sure if it needed but we will have 18 VoIP lines so only 2-3mb VoIP data)?
Thanks in advance - We rarely configure this stuff on our ASA so I just want to be sure I am doing it right!
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...