Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Odd behaviour with Cisco 1841 and SPA525G2

Hi everyone,

after installing an SPA525G2 SIP parallel to an Asterisk Server I encountered the following really strange behaviour: when the SIP phone is called from outside, the ringing is pretty normal but when the call is answered the 1841 stops working properly. It stops routing (no outside IP is reachable from inside) for approx. 100secs. The router can be pinged from inside but does not react to HTTP, SSH or Telnet requests. After the 100secs mentioned before the router recovers and works pretty well up to the next SIP call...

I have no idea what's up with the devicde or config as it worked pretty well up to the installation of the SPA phone.

Attached you'll find the config of my router. If there is any idea how to solve this please drop me a line...

Best regards and thanks in advance,

Joerg


!
! Last configuration change at 20:01:01 PCTime Mon Aug 13 2012 by admin
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname 1841
!
boot-start-marker
boot system flash c1841-adventerprisek9-mz.151-4.M.bin
boot-end-marker
!
!
logging buffered 51200 notifications
enable secret 5 xyz
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login ciscocp_vpn_xauth_ml_1 local
!
!
!
!
!
aaa session-id common
!
memory-size iomem 20
clock timezone PCTime 1 0
dot11 syslog
ip source-route
!
!
!
ip dhcp excluded-address 172.20.2.111 172.20.2.254
!
ip dhcp pool Mowgli_1
host 172.20.2.2 255.255.255.0
client-identifier 0100.215c.5465.6d
client-name Mowgli
default-router 172.20.2.254
dns-server 172.20.2.254
lease infinite
!
ip dhcp pool Mowgli_2
host 172.20.2.3 255.255.255.0
client-identifier 0100.216a.81ad.7a
client-name Mowgli
default-router 172.20.2.254
dns-server 172.20.2.254
option 66 ip 172.20.2.251
option 150 ip 172.20.2.251
lease infinite
!

!
ip cef
no ip bootp server
ip domain name local
ip host kaa 172.20.2.251
ip name-server 194.25.2.129
ip name-server 194.25.2.130
ip name-server 194.25.2.131
ip name-server 194.25.2.132
ip name-server 194.25.2.133
no ipv6 cef
!
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-2078692299
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2078692299
revocation-check none
rsakeypair TP-self-signed-2078692299
!
crypto pki trustpoint tti
revocation-check crl
rsakeypair tti
!
!
crypto pki certificate chain TP-self-signed-2078692299
certificate self-signed 01
  30820247 308201B0 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 32303738 36393232 3939301E 170D3130 30333331 32333238
  33385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 30373836
  39323239 3930819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100BDBE D21118FB A8B9C354 8B6701E8 D1775216 A3E5DA92 2D772C73 15B26FA2
  3BA5761C 38DAC583 558FE252 120FCF56 81505D71 50C5544C F9A542D4 845E15AC
  B1BE4FB0 554E74C3 90A904E8 1AB4FCC6 8302490F A90902EC 4F0270E0 9F7E9CB7
  7A6ACA1B 92DAE117 5B655F61 27145E6B A3DCA0E4 EA5BAB25 81AA6A74 D48DCEBB
  6E9F0203 010001A3 6F306D30 0F060355 1D130101 FF040530 030101FF 301A0603
  551D1104 13301182 0F313834 312E6772 65737365 6E696368 301F0603 551D2304
  18301680 14B9D3F0 6ADFD6F6 D2D7624C 79CB2693 BDAEC6B5 EE301D06 03551D0E
  04160414 B9D3F06A DFD6F6D2 D7624C79 9B2693BD AEC6B5EE 300D0609 2A864886
  F70D0101 04050003 8181005F 6FD491BB 36B29EA7 852271BE 080CC681 1507BA12
  686E9F09 6691DB57 73606822 0A879A1B E0411E9C 1F8DB1C1 4F0B7A15 0D5A882B
  BD65148D 3D285A94 87493FD7 3A88C4A4 3619D7B3 F469AC4D 2620EC55 425BEA5C
  7F2DFC32 B773F590 BE205423 D69FB717 5135185D 3F221F1A C507AEF5 64EBEB07
  B2ABE98C 64826C65 F65DDD
        quit
crypto pki certificate chain tti
!
!
license udi pid CISCO1841 sn ABCDEFGH

object-group network Telefone
description VoIP Telefone
host 172.20.2.50
host 172.20.2.51
host 172.20.2.52
host 172.20.2.53
host 172.20.2.54
!
username admin privilege 15 password 7 1234567890

redundancy
!
crypto key pubkey-chain rsa
named-key realm-cisco.pub
  key-string
   30820122 300D0609 2A864886 F70D0101 01050003 82010F00 3082010A 02820101
   00C19E93 A8AF124A D6CC7A24 5097A975 206BE3A2 06FBA13F 6F12CB5B 4E441F16
   17E630D5 C02AC252 912BE27F 37FDD9C8 11F37AF7 DCDD81D9 43CDABC3 6007D128
   B199ABCB D34ED0F9 085FADC1 359C189E F30AF10A C0EFB624 7E0764BF 3E53053E
   5B2146A9 D7A5EDE3 0298AF03 DED7A5B8 9479039D 20F30663 9AC64B93 C0112A35
   FE3F0C87 89BCB7BB 994AE74C FA9E481D F65875D6 85EAF974 6D9CC8E3 F0B08B85
   50437722 FFBE85B9 5E4189FF CC189CB9 C9C46F9C A84DFBA5 7A0AF99E AD768C36
   006CF498 079F88F8 A3B3FB1F 9FB7B3CB 5539E1D1 9693CCBB 551FF8D2 892356AE
   2F56D826 8918EF3C 90CA4F4D 87BFCA3B BFF668E9 689782A5 CF31CB6E B4B094D3
   F3020301 0001
  quit
!
!
controller DSL 0/0/0
mode atm
dsl-mode shdsl symmetric annex B
!
no ip ftp passive
!
class-map match-any AutoQoS-VoIP-Remark
match ip dscp ef
match ip dscp cs3
match ip dscp af31
class-map match-any AutoQoS-VoIP-Control-UnTrust
match access-group name AutoQoS-VoIP-Control
class-map match-any AutoQoS-VoIP-RTP-UnTrust
match protocol rtp audio
match access-group name AutoQoS-VoIP-RTCP
!
!
policy-map AutoQoS-Policy-UnTrust
class AutoQoS-VoIP-RTP-UnTrust
  priority percent 40
  set dscp ef
class AutoQoS-VoIP-Control-UnTrust
  bandwidth percent 5
  set dscp af31
class AutoQoS-VoIP-Remark
  set dscp default
class class-default
  fair-queue
!
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
!
crypto ipsec transform-set ASA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
!
!
!
!
interface FastEthernet0/0
description DMZ$FW_OUTSIDE$
ip address 10.10.10.254 255.255.255.0
ip virtual-reassembly in
duplex auto
speed auto
!
interface FastEthernet0/1
description $ETH-LAN$$FW_INSIDE$
ip address 172.20.2.254 255.255.255.0
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
duplex auto
speed auto
!
interface ATM0/0/0
no ip address
no atm ilmi-keepalive
!
interface ATM0/0/0.1 point-to-point
pvc 1/32
  vbr-nrt 2048 2048
  tx-ring-limit 3
  service-policy out AutoQoS-Policy-UnTrust
  pppoe-client dial-pool-number 1
  auto qos voip
  auto discovery qos
!
!
interface FastEthernet0/1/0
no ip address
!
interface FastEthernet0/1/1
no ip address
!
interface FastEthernet0/1/2
no ip address
!
interface FastEthernet0/1/3
no ip address
!
interface Virtual-Template1
ip unnumbered FastEthernet0/0
!
interface Vlan1
no ip address
!
interface Dialer1
description $FW_OUTSIDE$
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 2
ppp authentication chap pap callin
ppp chap hostname xxx
ppp chap password 7 xyz
ppp pap sent-username xxx password 7 xyz
!
ip local pool SSL_VPN 192.168.222.1 192.168.222.5
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
ip flow-top-talkers
top 5
sort-by bytes
cache-timeout 100
!
ip dns server
ip nat pool ASTERISK 172.20.2.251 172.20.2.251 netmask 255.255.255.0 type rotary
ip nat inside source list 1 interface Dialer1 overload
ip nat inside destination list ASTERISK pool ASTERISK
ip route 0.0.0.0 0.0.0.0 Dialer1 permanent
!
ip access-list extended ASTERISK
permit udp any any eq 5060
permit udp any any range 14940 14999
permit udp any any eq 4569
ip access-list extended AutoQoS-VoIP-Control
permit tcp any any eq 1720
permit tcp any any range 11000 11999
permit udp any any eq 2427
permit tcp any any eq 2428
permit tcp any any range 2000 2002
permit udp any any eq 1719
permit udp any any eq 5060
ip access-list extended AutoQoS-VoIP-RTCP
permit udp any any range 16384 32767
!
logging esm config
access-list 1 permit 172.20.2.0 0.0.0.255
access-list 1 remark NAT_in_out
!
!
!
!
!
!
!
!
control-plane
!
!
banner motd ^CTest!^C
!
line con 0
line aux 0
line vty 0 4
privilege level 15
length 0
transport input telnet ssh
!
scheduler allocate 20000 1000
ntp update-calendar
!
webvpn gateway gateway_1
ip address 123.45.678.90 port 443
http-redirect port 80
ssl trustpoint TP-self-signed-2078692299
inservice
!
webvpn install svc flash:/webvpn/anyconnect-win-3.0.1047-k9.pkg sequence 1
!
webvpn context VPN_Home
title "Home WebVPN"
secondary-color white
title-color #669999
text-color black
ssl authenticate verify all
!
login-message "Willkommen"
!
policy group policy_1
   functions svc-enabled
   banner "Login Successful!"
   svc address-pool "SSL_VPN"
   svc default-domain local
   svc keep-client-installed
   svc split dns "172.20.2.254"
   svc split include 172.20.2.0 255.255.255.0
   svc dns-server primary 194.25.0.52
   svc dns-server secondary 194.25.0.60
default-group-policy policy_1
aaa authentication list ciscocp_vpn_xauth_ml_1
gateway gateway_1
inservice
!
end

  • IP Telephony
Everyone's tags (5)
470
Views
0
Helpful
0
Replies
This widget could not be displayed.