Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

UC500 with a prive IP behind a firewall

How can I explain my problem? I think, the best way is a picture. Hopefully, it's clear..

Case: a remote worker with X-Lite on the pc can hear the other one. But his own stream are delivered on a wrong IP (local private IP of the WAN UC500), see the picture what I mean..

Any ideas what the solution could be?

Thanks, Wim

1 ACCEPTED SOLUTION

Accepted Solutions
Community Member

Re: UC500 with a prive IP behind a firewall

Wim,

I have had a few issues like this in the past...  and they all turned out to be a routing issue...  where I can hear one way audio but the other end could not hear me... or vice versa..

Make sure all your IP PHone endpoints can route to all other subnets for both data and voice vlans.  Maybe a acess-list is blocking the 10.1.1.X from getting back to your remote subnet..  but allowing your remote subnet to talk to 10.1.1.X.

9 REPLIES

Re: UC500 with a prive IP behind a firewall

Best case is that you use a VPN on the computer with the soft client to connect to the UC500.  Then you should have an IP on the data subnet of the UC500.

Community Member

Re: UC500 with a prive IP behind a firewall

Yes, I know... but the first choice is without a VPN... ;)

Community Member

Re: UC500 with a prive IP behind a firewall

You need an Application Layer Gateway (ALG) capable device for correct NAT implementation. Please refer to the document "Integrating the UC500 into an existing Network" for deployment tips:

https://supportforums.cisco.com/docs/DOC-9674

Thanks,


Marcos

Community Member

Re: UC500 with a prive IP behind a firewall

I have a speedtouch 546 router. I see on this webiste http://speedtouch.net.nz/disablealg.htm that ALG is supported.

When I enable ALG on my router... then, I have no problems with one way audio ?

Re: UC500 with a prive IP behind a firewall

The link describes disabling the ALG.  If you have disabled the ALG, that would cause this problem.  Enabling the ALG should fix this.

Community Member

Re: UC500 with a prive IP behind a firewall

I don't know exactly what to do. This is what I read:

An ALG for these NAT/PAT-sensitive protocols (IP6TO4,                 GRE, PPTP, ESP, IKE, SIP, JABBER, ILS, H245, H323, RAUDIO(PNA), RTSP,                 IRC, FTP) supports Protocol Anomaly                 Detection (PAD) inspections of each packet, allowing approved                 packets to pass though the NAPT without the need for static bindings                 (pinholes).

I have add a printscreen with the settings on the router. Is this configure right now?

Thanks in advance!

Community Member

Re: UC500 with a prive IP behind a firewall

Wim,


Not knowing what this device is or does, I couldn't really tell if their ALG is configured correctly. I suggest you contact that vendor and ask for more information.


Thanks a lot,

Marcos

Re: UC500 with a prive IP behind a firewall

I agree with Marcos, while the settings look correct, it doesn't appear to be working correctly.  Hopefully the vendor could tell you more.

Community Member

Re: UC500 with a prive IP behind a firewall

Wim,

I have had a few issues like this in the past...  and they all turned out to be a routing issue...  where I can hear one way audio but the other end could not hear me... or vice versa..

Make sure all your IP PHone endpoints can route to all other subnets for both data and voice vlans.  Maybe a acess-list is blocking the 10.1.1.X from getting back to your remote subnet..  but allowing your remote subnet to talk to 10.1.1.X.

4534
Views
0
Helpful
9
Replies
CreatePlease to create content