One of one clients has a dedicated Apple Mac environment with Pix 501 firewall. They use iChat AV for Audio/ Video conferencing. The connection fails everytime a session is started to anyone outside the company.
iChat reports: Tried to send UDP SIP "invite" to the following IP addresses and ports: 192.168.x.x:5060
The following are enabled on the Pix server:
fixup protocol sip 5060
fixup protocol sip udp 5060
I have also added the line:
access-list 100 permit udp any any range 5060 5060
as well as:
access-list 100 permit udp any any range 16384 16403
access-list 100 permit tcp any any range 16384 16403
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...