09-21-2013 03:38 PM - edited 03-11-2019 07:41 PM
I have ran into a problem with my Polycom behind my ASA5510. I cannot receive calls from the outside and when placing calles from inside to outside the connection completes and my audio/video reaches the outside but no audio/video is returned through the firewall. I am a newbe to firewall configs so any help would be greatly appreciated. My ASA is running version 9.1(2) and below is the config as it relates to the polycom.
object network polycom_private
host 10.3.0.x
object network polycom_public
host 63.234.x.x
object-group service h323-Group
service-object tcp destination eq h323
service-object object 3230-3235
service-object object 3230-3280
access-list outside_acl extended permit object-group h323-Group any object polycom_private
object network polycom_private
nat (inside,outside) static 63.234..x.x
I have disabled h323 inspection and still i cannot make a successful connection.
Thanks in advance.
09-25-2013 09:06 AM
After working with TAC we have made a few changes on the ASA to get this partially working. I can now make outbound calls to remote sites and get audio and video to pass in both directions. However, I still cannnot get any inbound calls to pass through the ASA. Here are the changes TAC made to the ASA to get this working most of the way.
Issue: ASA was dropping packets with 'router alert' IP option set.
Fix: Created a new policy-map to specifically allow this traffic and applied it to the Global Policy.
Also, enabled Skinny, SIP, H323 inspection on the global policy.
Still working on the remote site dialing in but as of right now when testing an inbound call from a remote site for reasons unknown, we were seeing SYN on port 1720 coming in from the remote Polycom unit, being untranslated and going to the local Polycom unit, however, we never saw a Syn Ack for that.
Work in progress..
Jimmy
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide