Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Need help with SIP

Heres my issue: I wish to permit our remote users access to our PBX (Switchvox1) using SIP. According to the PBX requirements UDP ports 10000-105000 must be open to permit traffic. I am able to auth to the PBX outside of the network and even hear traffic but when you attempt to talk nothing is transmitted. So it goes something like this ~ User auths to PBX via remote connection, established and config is good - Caller#1 comes into our Voice T-1's pushed directly to our PBX - PBX routes call to an extension (User) and pushes data to that SIP phone (All inbound data is fine, you can hear and what not with no issues) - when User attempts to talk Caller#1 can hear nothing. Any help would be appreciated! Heres a mod'ed show run from the PIX (where I think the issue is)

PIX Version 7.0(4)

object-group service sipports udp

port-object range 10000 10500

object-group service sipgateway tcp-udp

access-list outside_access_in extended permit udp any host sipgw-ext eq sip

access-list outside_access_in extended permit udp any host sipgw-ext range 10000 10500

access-list outside_access_in extended permit tcp any host sipgw-ext eq sip

access-list outside_access_in extended permit tcp any host sipgw-ext eq 5222

access-list outside_access_in extended permit tcp any host sipgw-ext eq ssh

access-list outside_access_in extended permit tcp any host sipgw-ext eq www

access-list outside_access_in extended permit tcp any host sipgw-ext eq https

access-list outside_access_in extended permit tcp any host sipgw-ext eq echo

access-list outside_access_in extended permit tcp any host sipgw-ext eq domain

access-list outside_access_in extended permit tcp any host sipgw-ext gt talk

access-list outside_access_in extended permit tcp any host sipgw-ext

access-list outside_access_in extended permit udp host sipgw-ext range 10000 10500 host switchvox1

access-list outside_access_in extended permit tcp host sipgw-ext host switchvox1 eq sip

nat-control

global (outside) 1 interface

global (inside) 2 interface

nat (inside) 1 0.0.0.0 0.0.0.0

nat (dmz4) 1 0.0.0.0 0.0.0.0

static (dmz4,outside) tcp pbx2-ext ssh pbx2-int ssh netmask 255.255.255.255

static (dmz4,outside) tcp pbx2-ext https pbx2-int https netmask 255.255.255.255

static (dmz4,outside) tcp pbx2-ext sip pbx2-int sip netmask 255.255.255.255

static (dmz4,outside) udp pbx2-ext sip pbx2-int sip netmask 255.255.255.255

static (dmz4,outside) tcp pbx2-ext 5222 pbx2-int 5222 netmask 255.255.255.255

static (dmz4,outside) tcp sipgw-ext ssh switchvox1 ssh netmask 255.255.255.255

static (dmz4,outside) tcp sipgw-ext https switchvox1 https netmask 255.255.255.255

static (dmz4,outside) tcp sipgw-ext sip switchvox1 sip netmask 255.255.255.255

static (dmz4,outside) udp sipgw-ext sip switchvox1 sip netmask 255.255.255.255

static (dmz4,outside) tcp sipgw-ext 5222 switchvox1 5222 netmask 255.255.255.255

access-group outside_access_in in interface outside

access-group dmz1-2_in in interface dmz1

access-group dmz1-2_in in interface dmz2

access-group dmz4_access_in in interface dmz4

route outside 0.0.0.0 0.0.0.0 X.X.X.X

route dmz4 10.1.2.0 255.255.255.0 10.10.6.2 1

route dmz4 10.50.0.0 255.255.0.0 10.10.6.2 1

route dmz4 10.1.1.0 255.255.255.0 10.10.6.2 1

route dmz4 10.10.0.0 255.255.0.0 10.10.6.2 1

1 REPLY
New Member

Re: Need help with SIP

no help?

116
Views
0
Helpful
1
Replies
CreatePlease to create content