Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Jabber/MOVI call routing via VPN on VCS-E

Dear all

I have a Problem with the follow situation.

- 2 Movi Client via VPN Tunnel connectet on the VCS-Expressway

- both VPN tunnel on the same subnet.

- NO ICE configured!

Now the Problem is that the Signalling is going through the VCS-E but the Media traffic is going directly, which is in this situation over VPN would be not allowed.

Is it possible to configure something that all traffic Signalling and Media is going through the VCS-E if both MOVI Client  on the same subnet?

Best regards

Georg

Everyone's tags (3)
2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Jabber/MOVI call routing via VPN on VCS-E

The call between Jabber Video clients and bot have same sip contact address and source IP address, then VCS will treat as non-traversal call (client is not behind firewall).

Therefore VCS will not stay in media routing.

Are you able to configure DHCP scope range for VPN client for different subnet IP address?

Gold

Jabber/MOVI call routing via VPN on VCS-E

Hi Georg,

the media is going direct because there is no NAT between the Movi clients and the VCS-E, this is the expected behavior for SIP registered devices which are not behind a NAT.

To resolve this you would either have to

a) allow this direct media traffic between VPN clients in your firewall or

b) NAT the VPN Movi client traffic before it hits the VCS-E (In which case the VCS-E will take media for these calls)

Hope this helps,

Andreas

4 REPLIES
Cisco Employee

Jabber/MOVI call routing via VPN on VCS-E

The call between Jabber Video clients and bot have same sip contact address and source IP address, then VCS will treat as non-traversal call (client is not behind firewall).

Therefore VCS will not stay in media routing.

Are you able to configure DHCP scope range for VPN client for different subnet IP address?

Gold

Jabber/MOVI call routing via VPN on VCS-E

Hi Georg,

the media is going direct because there is no NAT between the Movi clients and the VCS-E, this is the expected behavior for SIP registered devices which are not behind a NAT.

To resolve this you would either have to

a) allow this direct media traffic between VPN clients in your firewall or

b) NAT the VPN Movi client traffic before it hits the VCS-E (In which case the VCS-E will take media for these calls)

Hope this helps,

Andreas

New Member

Jabber/MOVI call routing via VPN on VCS-E

Hi Andreas Hi Tomonori

Thank you for the quick answer.

Now I see now other way as to do NAT or allowed direct Traffic.

Best Regards

georg

Jabber/MOVI call routing via VPN on VCS-E

We filed that some time ago as a feature request but also never heard anything again.

* having a provisioning option telling specific clients to bind the media to the VCS.

* having a zone/localsubzone option to force/uncforce/auto expressway behavior

* improve the automatic sip fw (or better said today its only nat) behavior.

* implement "stun test II, request from different ip" http://upload.wikimedia.org/wikipedia/commons/6/63/STUN_Algorithm3.svg

* have ice support also on TC/TE systems

* ...

Please remember to rate helpful responses and identify

718
Views
0
Helpful
4
Replies
CreatePlease to create content