Session Border Controller Nearly Works! Help!


I have the following scenario:

1. Softphone client (from client network) connects to my edge router for SBC

2. SBC passes to PIX and then to AS5300. Call is connected to PSTN.

I've been trying to get the Cisco SBC to work for a while now and am pretty close. I have the following config set on my router and can see the NAT being done and the source/destination being changed.

(external ip is the internet routed external ip of the AS5300 router and internal ip is the internal ip of the AS5300 router)

ip nat sip-sbc
 proxy externalip 5060 internalip 5060 protocol udp
 call-id-pool call-ip-pool
 session-timeout 300
 mode allow-flow-around
ip nat translation timeout 10
ip nat translation tcp-timeout 10
ip nat translation udp-timeout 10
ip nat pool call-id-pool netmask
ip nat inside source list 111 pool call-id-pool

At present access-list 111 permits any to the external ip so anything going there gets NAT'd.

This works fine (the call connects but I just don't get any sound) apart from one small hitch. The call comes in from the outside, gets translated, hits the router and the router connects it to our PSTN network. All is fine until the router tries to connect the media stream and 'reply' to the initial connection. My FW sees this as a reply and allows it through but when it gets to the edge router (with the SBC on it) a new connection is seemingly created and hence the FW at the client end doesn't allow this new connection through (the connection does have the correct source/destination but is just obviously not seen by the FW as part of the original conversation).

Why would un-NATing a packet mean that it's no longer seen as part of the original conversation by the FW at the other end?

If I set my access list on the client FW to allow new connections then everything works and the media stream connects but I can't get customers to do that.

I hope that makes sense to someone!

Thanks very much for your time,
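Added illustration, not part of the original post or of any Cisco feature: a minimal model of a stateful firewall that tracks outbound UDP flows by their 5-tuple, run over constructed packets for the call described above. It assumes, as is usual for SIP, that the media stream uses a different port pair from the signalling on 5060; all addresses, ports and class names are hypothetical.

```python
# Added example (not from the original post): model of the client-side
# stateful firewall. Addresses and ports below are constructed.
from dataclasses import dataclass


@dataclass(frozen=True)
class Pkt:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "udp"

    def reverse(self) -> "Pkt":
        # The 5-tuple a reply to this packet would carry.
        return Pkt(self.dst, self.dport, self.src, self.sport, self.proto)


class StatefulFw:
    """Permits outbound flows, their exact replies, and inspected pinholes."""

    def __init__(self) -> None:
        self.flows: set = set()      # outbound 5-tuples already seen
        self.pinholes: set = set()   # (dst, dport) pairs opened by SIP inspection

    def outbound(self, p: Pkt) -> None:
        self.flows.add(p)

    def inbound(self, p: Pkt) -> bool:
        if p.reverse() in self.flows:           # reply to a known flow: allow
            return True
        if (p.dst, p.dport) in self.pinholes:   # media port learned from SDP: allow
            return True
        return False                            # any other inbound flow: drop

    def open_pinhole(self, dst: str, dport: int) -> None:
        self.pinholes.add((dst, dport))


def demo() -> dict:
    fw = StatefulFw()
    softphone, sbc = "192.0.2.10", "203.0.113.5"   # constructed addresses
    invite = Pkt(softphone, 5060, sbc, 5060)        # SIP signalling, outbound
    fw.outbound(invite)
    rtp = Pkt(sbc, 16384, softphone, 8000)          # media: same hosts, new ports
    results = {"sip_reply": fw.inbound(invite.reverse()),
               "rtp_no_pinhole": fw.inbound(rtp)}
    fw.open_pinhole(softphone, 8000)  # what SIP-aware inspection would add
    results["rtp_with_pinhole"] = fw.inbound(rtp)
    return results


if __name__ == "__main__":
    print(demo())
```

The SIP reply matches the stored flow, but the media packets form a new 5-tuple and are dropped until something (SIP inspection on the client firewall, or a client-side rule) opens the media port.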


