I have PIX firewall and i configured IPSEC VPN for external users to use IP communicator as their office phones outside the company.
When user use the communicator outside the company, he hear any voice call and the called party hear him even the user call someone inside or outside the company.
But, when the user is inside the company and use the communicator and make external call, he can't hear the called party but the called party hear him.
I think that this issue occur due to that when user access from outside, he assigned to vpn pool which defined on PIX but when user becomes inside the company, he assigned by the data VLAN which natted to real IP for internet access as i tried to nat 0 this data vlan and calls heared by the two ways but no internet access.
So, how to compromise bet. the nat 0 and nat public at the same time for the same inside data vlan.
Oftentimes, a one-way voice issue is actually due to a routing issue. If you are only experiencing an issue when the IPCommunicator user is inside the network, be sure to confirm all routes from the Voice Gateway (the device that is responsible for terminating outside calls) and the User who is experiencing the issue. We know that the outbound route is correct as the remote user can hear the inside user. Check along this path and confirm that there are also no ACLs that would block UDP traffic.
I confirmed that all routes are right and issue arise from natting as router see the virtual inside LAN as public IP, when i remove the global natting and make it nat 0................call heared in the two ways normally......................i test it by myself, but i can't leave in such way as inside virtual LAN must natted to public IP to access internet
Are these external callers internal to your company? Or are they part of the internet? If they are part of your own network, then you can configure an access-list to specify nat0 rules between your internal users to those external devices (which are also part of your network).
If the callers are internet users (anybody in the world including analog telephones), do you have another device along the path that is doing natting? If yes, then that could be the problem i.e. you are trying to NAT twice and the second nat device is having issues with already natted traffic.
Sorry, may be there is miss-understanding, i mean the inside company employees laptops.
When these employees access our network from outside through VPN, to open their ip communicator as their deskphones...it make calls outside as he sit inside his office and the call heared from both sides.
But, when this employees come back to his office and open his laptop which reside in the inside virtual data vlan and make external call , it is heared from outside only and the employee can't hea any thing.
I tried the secnario as i explained in my last reply.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...