We are trying to run cisco ip phone via site to site ipsec vpn tunnel.The problem is the phones work fine for the first 40-50 secs and then suddenly the speech path is one-way,one party can hear but the other cannot. the code train for the ASA is 8.0(4).Isthere any bug or something or am I missing something here.I amattaching the show tech of ourend of the ASA.the other wedodnt manage. Please help SIRS.................
The soft phones are Cisco soft phones and the call manager is on the client side. that is the soft phone first communicates via a ipsec tunnel to the call manager on the client end and downloads info from there. the same issue happens if we call from soft phone to soft phone.the soft phones are on our side and the call manager is on the other side of the tunnel ,all the voice communication happens through a ipsec tunnel. Another thing is that there is a redundant connection via dial up through fortigate firewall. the soft phones are then working fine. the voice call establishes for 40-50 secs and we can talk clearly and hear also so no probs but after 40-50 secs the recieving party is not able to hear anything. Yes you are right the ip phosed are behind the ASA and the call manager is on the other side.
ports that is not opened which should be opened up.
Yes we are not able to hear but the remote side is able to always, and this happens after 40-50 secs sometimes 4-5 mins.
I did some debugging today posting it in a short while...i have posted the network diagram.....fortigate firewall uses RA VPN to connect and the ASA uses site to site vpn to connect. I am also uploading the connection state in the firewall before and after the voice gets one way.Uploading real time logs from the firewall at the time we tested.
The call manager is on the remote side. We are not using PAT we are using nonat for our IPSEC communication. the communicators use the VPN tunnel to communicate with the call manager on the other side.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...