Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

RTP Issue through NAT (PIX7.2.(2).18)

Hi all

I got a weird problem with a PIX 515 (7.2(2).18.

I'm natting SIP behind the Firewall [CME 4.1(0) (c2801-ipvoicek9-mz.124-11.XJ1.bin)].

Incoming and outgoing SIP-calls are working perfectly.

See old conversation http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Unified%20Communications%20and%20Video&topic=IP%20Telephony&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40.1ddd38eb

Unfortunately, "forwarding-all" function (with a SIP-incoming call to an external number [through the same SIP-Proxy])

is sending the SIP-signal (ringing) but no RTP-flow.

On the PIX the "SIP inspect" is activated.

Is there a possibility to configure a symmetric / consistent NAT on the PIX to allow the RTP-stream to be built up?

Thanks and regards,

norbert

2 REPLIES
New Member

RTP Issue through NAT (PIX7.2.(2).18)

Hi Norbert,

have you found a solution for this? I have a similiar problem with CME and an IOS router in front of it.

Thanks

Frank

New Member

RTP Issue through NAT (PIX7.2.(2).18)

Hmmm.... long time ago ;-)

I had to change some settings on the cme:

....

voice service voip

no ip address trusted authenticate

allow-connections h323 to h323

allow-connections h323 to sip

allow-connections sip to h323

allow-connections sip to sip                                             <-

no supplementary-service sip moved-temporarily               <-

no supplementary-service sip refer

redirect ip2ip

fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none

h323

  h245 caps mode restricted

sip

  registrar server

  asserted-id ppi                                                            <-

!

....

!

sip-ua

credentials username password realm

keepalive target dns:

authentication username password realm

retry invite 2

retry response 2

retry bye 2

retry register 2

retry options 1

registrar dns:

expires 60

Greets,

Norbert

344
Views
0
Helpful
2
Replies