Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

SIP trunk firewall Traversal issue

Dear Experts,

I have configured SIP trunk with authentication. the authentication is username and password. I use CUBE to acheive this.

the call flow is like the following

phone ---> CCM 6.1 -----> H323 ----> CUBE -----> Firewall -----> Internet ------> SIP provider.

while I do troubleshooting, I found a message told me that the firewall traversal is not enabled.

I do stun configuration by using the following commands

voice sevice voip

stun

  stun flowdata agent-id 10

voice class stun-usage 1

stun usage firewall-traversal flowdata

after that, the firewall traversal message disappear from the logs. but the call is not working.

the sip provider has a STUN server, how we can use it ? and also what is the STUN ?

thanks in advance

Anas

7 REPLIES
Cisco Employee

SIP trunk firewall Traversal issue

Do you have captures from CUBE for a failed call?

Tapan

Re:SIP trunk firewall Traversal issue

It shows me a dead call, when I do.debug ccsip calls.

regards
Anas


Sent from Cisco Technical Support Android App

Re:SIP trunk firewall Traversal issue

That reply is not helpful,

capture debug ccsip messages

And provide the logs.

--
Jorge Armijo

Please remember to rate helpful responses and identify helpful or correct answers.

-- Jorge Armijo Please remember to rate helpful responses and identify helpful or correct answers.

Re:SIP trunk firewall Traversal issue

Dears,

kindly find the attached logs

thanks in advance

Anas

Re:SIP trunk firewall Traversal issue

Hi Guys,

can any one help me with this case ?

thanks in advance
regards

Sent from Cisco Technical Support Android App

Re:SIP trunk firewall Traversal issue

Hi

The version of the CUBE is 15.x?

Please rate all useful posts

Regards
Chrysostomos

""The Most Successful People Are Those Who Are Good At Plan B""

Please rate all useful posts Regards Chrysostomos ""The Most Successful People Are Those Who Are Good At Plan B""

Re:SIP trunk firewall Traversal issue

Here's the issue:

Sent:

INVITE sip:009627XXXXXXX@sipgate.de:5060 SIP/2.0

Via: SIP/2.0/UDP 192.168.33.127:5060;branch=z9hG4bKF1147

Remote-Party-ID: <00494XXXXXXX1>;party=calling;screen=yes;privacy=off

From: <>00494XXXXXXX1@sipgate.de>;tag=3A5AA8-139A

To: <>009627XXXXXXX@sipgate.de>

Date: Sun, 07 Jul 2013 08:54:45 GMT

Call-ID: B47C60AE-E61911E2-8014F945-EAF1556@192.168.33.127

Supported: 100rel,timer,resource-priority,replaces,sdp-anat

Min-SE:  1800

Cisco-Guid: 15705573-2133102877-100672513-3232243830

User-Agent: Cisco-SIPGateway/IOS-12.x

Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, PRACK, UPDATE, REFER, SUBSCRIBE, NOTIFY, INFO, REGISTER

CSeq: 102 INVITE

Max-Forwards: 70

Timestamp: 1373187285

Contact: <00494XXXXXXX1>

Expires: 180

Allow-Events: telephone-event

Proxy-Authorization: Digest username="1430052e1",realm="sipgate.de",uri="sip:009627XXXXXXX@sipgate.de:5060",response="90b394921ae0523993f5f44fe1715f41",nonce="51d926d735a262f3a6904b27adba2bb98012f4a7",algorithm=md5

Content-Length: 0

Received:

SIP/2.0 403 Forbidden (check from field)

Via: SIP/2.0/UDP 192.168.33.127:5060;rport=49786;received=192.168.33.127;branch=z9hG4bKF1147

From: <>00494XXXXXXX1@sipgate.de>;tag=3A5AA8-139A

To: <>009627XXXXXXX@sipgate.de>;tag=6d6e7f8f352adddb20da2b196524dfa8.b769

Call-ID: B47C60AE-E61911E2-8014F945-EAF1556@192.168.33.127

CSeq: 102 INVITE

Content-Length: 0

Seems like the SIP Server does'n like the FROM header:

From: <>00494XXXXXXX1@sipgate.de>;tag=3A5AA8-139A

You can modify the FROM header with a SIP Profile:

voice class sip-profiles 1111

request ANY sip-header From modify "sip:(.*)@" "sip:[whatever they want to receive]@"

You may ask your Service Provider what they don't like on the INVITE, then you can modify it accordingly.

Some information if STUN:

http://www.voip-info.org/wiki/view/STUN

HTH

--
Jorge Armijo

Please remember to rate helpful responses and identify helpful or correct answers.

-- Jorge Armijo Please remember to rate helpful responses and identify helpful or correct answers.
964
Views
0
Helpful
7
Replies
CreatePlease to create content