I'm not very versed in using this ASA 5505. My former "IT Guy" set it up for me a long time ago. I've been able to fumble my way around in the ASDM a few times to make changes to static IP, etc.
But now I'm at a point I absolutely don't know what to do, even though to me it seems like it should be a simple thing?
I purchased a NetTalk DUO voip unit. This is similar to a magicjack but allows for the device to be connected to the network via ethernet (or usb to a pc...either way). I haven't been able to get it to work correctly when connected to an ethernet port in my home office, but it does work fine when connected to my PC via usb.
Nettalk support claims it is because the ASA is an "enterprise" device and their unit is not designed to be used with it. That doesn't sound acceptable to me because it works fine when connected to my PC which is connected to the ASA.
From reviewing their FAQ's, the only thing I've found is that certain ports need to be 'open' in order for the device to work properly on the network. I need to open the following:
TFTP port: 69 SIP port: 5060 RTP port range: 10000-20000
I'm hoping someone here can advise me on how to do this via the ASDM GUI interface.
Let me know if you need any other info from me regarding the current setup and I'll post what you request.
The following ports are typically used be the netTALK product.
Port 69: Used for updates (not necessary for phone calls). Port 5060: Standard SIP port for provisioning to the netTALK network. Port 10,000 - 20,000: Used for Voice transmission. If your router does not allow you to put in a range of ports then select port 12000. Protocol: UDP. TCP is NOT used. IP address: Different for each case. You can get the IP address by dialing *41# on the netTALK phone (when dial tone is present).
-Port Triggering- Implement the ports as stated above along with the protocols. Typically you are asked only to provide port number or range only along with the protocol. It may ask you for a public port and a private port per trigger. An example would be... Model: Private start port - Private end port, Protocol ++ Public start port - Public end port, Protocol Example: 5060 - 5060, UDP ++ 5060 - 5060, UDP Example: 10000 - 20000, UDP ++ 10000 - 20000, UDP
-Port Forwarding- Implement the ports as stated above along with the protocols. Typically you are asked only to provide port number or range, along with the protocol and the IP address of the netTALK device. It may ask you for a public port and a private port per forward. An example would be... Model: Private start port - Private end port, Protocol, Private IP ++ Public start port - Public end port, Protocol Example: 5060 - 5060, UDP, 192.168.1.100 ++ 5060 - 5060, UDP Example: 10000 - 20000, UDP, 192.168.1.100 ++ 10000 - 20000, UDP
I have an ASA 5505 with the Security Plus License on it, setup as my router in my home. I also have NetTalk for my home phone. When my NetTalk device came in, I just plugged it into my switch (3com unmanaged gig switch), it got an IP, and it worked.
Do you know what type of license is on your ASA? For example the basic ASA 5505 you can buy with no license has a max 10 private IP addresses you can use on the inside of your network. Log in to your ASA and type this in:
You should see something like this:
Licensed features for this platform: Maximum Physical Interfaces : 8 VLANs : 20, DMZ Unrestricted Inside Hosts : Unlimited Failover : Active/Standby VPN-DES : Enabled VPN-3DES-AES : Enabled SSL VPN Peers : 2 Total VPN Peers : 25 Dual ISPs : Enabled VLAN Trunk Ports : 8 Shared License : Disabled AnyConnect for Mobile : Disabled AnyConnect for Linksys phone : Disabled AnyConnect Essentials : Disabled Advanced Endpoint Assessment : Disabled UC Phone Proxy Sessions : 2 Total UC Proxy Sessions : 2 Botnet Traffic Filter : Disabled
This platform has an ASA 5505 Security Plus license.
What does your read out say for Inside Hosts?
If you only have a max of 10 you can use, maybe you've uses them all up?
You shouldn't have to setup an Port Address Translations (port forwarding) to make the NetTalk device work.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...