Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2180
Views
0
Helpful
1
Replies

ACL for VOIP SIP,H323,SCCP

Philipp Hoeffker
Level 1
Level 1

‎11-03-2011 03:26 AM - edited ‎03-17-2019 10:35 PM

Hi,

i have a problem in understanding the acl rule for sip h323 or SCCP.

WE will use this for connect ip Communicator to CME

The CME has the IP : 192.168.10.254

The ASA Inside Interface IP : 192.168.10.1

The ASA Outside Interface IP:  x.x.x.x (static)

I connect to the Network with Cisco annyconnect but voip not work

So i must set acl for this problem

M Problem: In the guide the outside interface is a clss B network but we have a class A networkaddress applyed by our ISP.

when i connect with anyconnect i have an internale address off 192.168.10.80 (static) applyed through the asa.

Witch IP Address i must set in the acl

access-list 100 extended permit tcp 192.168.10.0 255.255.255.0 host ? eq (sip,h323,sccp)  /  Outside Interface IP address oder host ip ?

Philipp

Labels:
0 Helpful
1 Reply 1

Marwan ALshawi
VIP Alumni
VIP Alumni

‎11-04-2011 05:51 AM

You need to allow the VPN pool range to the inside cme ip

And make sure inspection is enabled for the used protocol such as sip

See the below link for more details

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008081042c.shtml

Hope this help

If helpful rate

0 Helpful
Customers Also Viewed These Support Documents