Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
515
Views
0
Helpful
1
Replies

SIP Traffic issue FWSM

abhisar patil
Level 1
Level 1

‎08-28-2012 01:24 AM - edited ‎03-11-2019 04:46 PM

Dear All,

I am facing issue for SIP traffic through FWSM. I am receiving SIP traffic on outside interface but not sending to inside interface.

Please find the config.

Source      : 10.1.1.245

Destination : 10.2.2.46

Port        : UDP-5070

Configuration:

access-list incoming_traffic extended permit udp any any    //already present

static (test-platform,outside) 10.2.2.32 10.2.2.32 netmask 255.255.255.22

Detination is present on the firewall itself.

*****

Capture acl

access-list temp extended permit udp any host 10.2.2.46

*****

FWSM# show capture

capture abc type raw-data access-list temp interface outside circular-buffer[Capturing - 672 bytes]

capture abc1 type raw-data access-list temp interface test-platform[Capturing - 0 bytes]

FWSM# show capture abc

16 packets seen, 16 packets captured

   1: 11:18:57.2918457590 802.1Q vlan#308 P0

   2: 11:18:57.2918457590 802.1Q vlan#308 P0 10.1.1.245.5060 > 10.2.2.46.5070:  udp 2525

   3: 11:18:58.2918458100 802.1Q vlan#308 P0

   4: 11:18:58.2918458100 802.1Q vlan#308 P0 10.1.1.245.5060 > 10.2.2.46.5070:  udp 2525

   5: 11:18:59.2918459100 802.1Q vlan#308 P0

   6: 11:18:59.2918459100 802.1Q vlan#308 P0 10.1.1.245.5060 > 10.2.2.46.5070:  udp 2525

   7: 11:19:01.2918461110 802.1Q vlan#308 P0

   8: 11:19:01.2918461110 802.1Q vlan#308 P0 10.1.1.245.5060 > 10.2.2.46.5070:  udp 2525

   9: 11:19:33.2918493010 802.1Q vlan#308 P0

  10: 11:19:33.2918493010 802.1Q vlan#308 P0 10.1.1.245.5060 > 10.2.2.46.5070:  udp 2534

  11: 11:19:33.2918493510 802.1Q vlan#308 P0

  12: 11:19:33.2918493510 802.1Q vlan#308 P0 10.1.1.245.5060 > 10.2.2.46.5070:  udp 2534

  13: 11:19:34.2918494520 802.1Q vlan#308 P0

  14: 11:19:34.2918494520 802.1Q vlan#308 P0 10.1.1.245.5060 > 10.2.2.46.5070:  udp 2534

  15: 11:19:36.2918496520 802.1Q vlan#308 P0

  16: 11:19:36.2918496520 802.1Q vlan#308 P0 10.1.1.245.5060 > 10.2.2.46.5070:  udp 2534

16 packets shown

FWSM# show capture abc1

0 packet seen, 0 packet captured

0 packet shown

Labels:
0 Helpful
1 Reply 1

Julio Carvajal
VIP Alumni
VIP Alumni

‎08-28-2012 12:07 PM

Hello,

Please provide the

-Show run policy-map

Also I would like to see the following

cap asp type asp-drop all circular-buffer

attempt to connect and provide me the:

show cap asp | include 10.1.1.245

Remember to rate al the helpful posts

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card