Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

SIp and Cisco 837 Fw

Hi Guys,

I hope someone has experienced this before and has an answer. I am trying to connect a 7960 IP Phone from home to a local Sip provider. I have a Cisco 837 fully configured for NAT and IOS Firewall inc IP Inspect.

When i removed the ACl from the Dialer0 interface my sip phone works a treat but when i rasie the FW, i do not have communication with the provider.

My error

IPACCESSLOGP: list 104 denied udp x.x.x.x(SIPPROXY)(5060) -> x.x.x.x (CISCO837)(52630), 1 packet

And many more like this.

My External ACL looks like this

access-list 104 remark auto generated by SDM firewall configuration

access-list 104 remark SDM_ACL Category=1

access-list 104 permit udp host x.x.x.x (CISCO837) any eq 5060

access-list 104 permit udp host x.x.x.x (SIPPROXY) any eq 5060

access-list 104 permit tcp any any eq ftp

access-list 104 permit tcp any any eq smtp

access-list 104 permit tcp any any eq 443

access-list 104 permit tcp any any eq 1723

access-list 104 permit tcp any any eq www

access-list 104 permit tcp any any eq 3389

access-list 104 deny ip 192.168.1.0 0.0.0.255 any

access-list 104 deny ip 10.0.0.0 0.0.0.255 any

access-list 104 permit icmp any host x.x.x.x echo-reply

access-list 104 permit icmp any host x.x.x.x time-exceeded

access-list 104 permit icmp any host x.x.x.x unreachable

access-list 104 deny ip 10.0.0.0 0.255.255.255 any

access-list 104 deny ip 172.16.0.0 0.15.255.255 any

access-list 104 deny ip 192.168.0.0 0.0.255.255 any

access-list 104 deny ip 127.0.0.0 0.255.255.255 any

access-list 104 deny ip host 255.255.255.255 any

access-list 104 deny ip host 0.0.0.0 any

access-list 104 deny ip any any log

Can anyone help with configureing the corrcet settings for the ACL.

Thanks

Stephen

========================== http://www.rconfig.com A free, open source network device configuration management tool, customizable to your needs! - Always vote on an answer if you found it helpful
1 REPLY
Anonymous
N/A

Re: SIp and Cisco 837 Fw

You might be running into a bug here. check this bug-id: CSCsb00129

128
Views
0
Helpful
1
Replies
CreatePlease to create content