Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Site to Site video connection not working

We have 2 Polycom 7000 at two sites . We can use the polycoms for video conferencing with no issues using our own internal IP addressing . However trying to use our public IP's from site to site gets us no where, the system rings but nothing on either end.

 

We have a NAT rule in place that directs the internal IP to go the public IP, we also added the ports associated with the Polycom using an access list:::

ip nat inside source static 10.27.131.30 12.16.xxx.xx   (10.27.131.30 IP of Polycom)

access-list 101 permit tcp any any range 3230 3235
access-list 101 permit udp any any range 3230 3253

 

Is there anything else I need to specify to get this working with the public IP's?

 

Everyone's tags (1)
3 REPLIES
Bronze

When setting up our own VCs

When setting up our own VCs we usually go along the lines of - Allow any external address access to the public address it is NAT'd to. On the LAN side however, only allow the VC access to the ports it uses for calls. This was done on ASA.

object network VID_CONF
host 10.27.131.30
!
object-group network ALL-VIDEO_CONF
network-object object VID_CONF
!
object-group service PROT-VIDEO_CONF tcp-udp
port-object eq 7648
port-object range 3230 3242
port-object range 3230 3269
port-object range 3230 3285
port-object eq 1720

 
access-list inside_access_in extended permit tcp object-group ALL-VIDEO_CONF any object-group PROT-VIDEO_CONF

 
access-list Outside_access_in extended permit ip any object-group ALL-VIDEO_CONF

 
 
object network VID_CONF
nat (inside,Outside) static .......

New Member

Thanks for that information

Thanks for that information and config.

Unfortunately our network setup is down via 1900 <>2800 with no ASA involved.

I'm in the process of going thru all my ACLs right now to verify.

New Member

After some more investigation

After some more investigation and trouble shooting I found that using the build in Polycom traceroute program - I try to traceroute back to the other Polycom(public IP) and it fails after hitting my gateway. The Polycom at site B does the same traceroute and it works fine, it gets all the way back to my public IP used for the Polycom.

 

I dont understand once its gets to the gateway it then drops? Its going out the same gateway as everything else on the network?

40
Views
5
Helpful
3
Replies