04-10-2015 12:25 AM - edited 03-18-2019 11:29 AM
This is really driving me nuts. I am not an expert with Cisco IP Telephony.
I have two sites connected via VPN (Cyberoam Firewalls) and there is communication between two sites. (ping is working)
But the IP Phones can not call each other, Internal is working fine. Please help guys !
CME Routers - Cisco 2901
IP Phones - Cisco 7821
Overall Topology :
IP Phone ----->2901 Router----->Firewall------>ISP Router------->Internet<--------ISP Router<-------Firewall<-------2901 Router<-------IP Phone
Head-Office has extensions 1xxx
Branch Office has extensions 2xxx
There is NAT on the firewalls & ISP Routers on both the ends.
The firewall is configured to allow any packet
The configuration of the routers are as follows:
10.10.60.1 (Head Office CME Router)
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname MEC-DOHA
!
boot-start-marker
boot system flash:c2900-universalk9-mz.SPA.154-3.M.bin
boot system flash:c2900-universalk9-mz.SPA.152-4.M6a.bin
boot-end-marker
!
!
logging buffered 51200 warnings
enable secret 5 $1$uKeq$kC2CxdrHFNaOkzTaZrS5o.
!
no aaa new-model
!
!
ip dhcp pool VOICE
network 10.10.60.0 255.255.255.0
default-router 10.10.60.1
dns-server 10.10.60.1 8.8.8.8
option 150 ip 10.10.60.1
!
!
!
ip domain name yourdomain.com
ip name-server 8.8.8.8
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
!
!
!
!
!
!
trunk group MyTrunkGroup
!
cts logging verbose
!
voice-card 0
!
!
voice call send-alert
voice rtp send-recv
!
voice service voip
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none
sip
bind control source-interface GigabitEthernet0/1
bind media source-interface GigabitEthernet0/1
registrar server expires max 600 min 60
!
voice class codec 1
codec preference 1 g729r8
!
!
!
!
voice register global
mode cme
source-address 10.10.60.1 port 5060
max-dn 35
max-pool 25
timezone 31
create profile sync 0009353635334336
!
voice register dn 1
number 1001
pickup-group 33
!
voice register dn 2
number 1002
pickup-group 33
!
voice register dn 3
number 1003
pickup-group 33
!
voice register pool 1
busy-trigger-per-button 2
id mac E0D1.73E5.1FD0
type 7821
number 1 dn 1
!
voice register pool 2
busy-trigger-per-button 2
id mac E0D1.73E5.209D
type 7821
number 1 dn 2
!
voice register pool 3
busy-trigger-per-button 2
id mac E0D1.73E5.066C
type 7821
number 1 dn 3
!
!
license udi pid CISCO2901/K9 sn FCZ1842C394
hw-module pvdm 0/0
!
!
redundancy
!
!
ip tcp path-mtu-discovery
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description INTERFACE--WAN
ip address 10.10.10.1 255.255.255.0
ip nat enable
duplex auto
speed auto
!
interface GigabitEthernet0/1
description INTERFACE--LAN
ip address 10.10.60.1 255.255.255.0
ip nat enable
duplex auto
speed auto
h323-gateway voip interface
h323-gateway voip bind srcaddr 10.10.60.1
!
ip forward-protocol nd
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip http path flash:
!
ip route 0.0.0.0 0.0.0.0 10.10.10.254
!
!
!
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 60 permit 10.10.60.0 0.0.0.255
!
control-plane
!
!
voice-port 0/0/0
trunk-group MyTrunkGroup 1
timeouts interdigit 5
connection plar opx 1010
caller-id enable
!
voice-port 0/0/1
trunk-group MyTrunkGroup 2
timeouts interdigit 5
connection plar opx 1010
caller-id enable
!
voice-port 0/0/2
trunk-group MyTrunkGroup 3
timeouts interdigit 5
connection plar opx 1010
caller-id enable
!
voice-port 0/0/3
trunk-group MyTrunkGroup 1
timeouts interdigit 5
connection plar opx 1010
caller-id enable
!
!
!
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
dial-peer voice 2000 voip
destination-pattern 2...
session protocol sipv2
session target ipv4:10.10.70.1
incoming called-number 1...
dtmf-relay h245-alphanumeric
codec g711ulaw
no vad
!
dial-peer voice 1000 voip
destination-pattern 1...
session target ipv4:10.10.60.1
!
dial-peer voice 999 pots
trunkgroup MyTrunkGroup
description **EMERGENCY**
destination-pattern 999
forward-digits all
!
dial-peer voice 9999 pots
trunkgroup MyTrunkGroup
description **EMERGENCY**
destination-pattern 9999
forward-digits 3
!
dial-peer voice 444 pots
trunkgroup MyTrunkGroup
description **LOCAL**
destination-pattern 94.......
forward-digits 8
!
dial-peer voice 333 pots
trunkgroup MyTrunkGroup
description **MOBILE**
destination-pattern 9[3-8].......
forward-digits 8
!
dial-peer voice 111 pots
trunkgroup MyTrunkGroup
description **INTERNATIONAL**
destination-pattern 9T
!
dial-peer voice 3000 voip
incoming called-number .
!
!
sip-ua
!
!
!
gatekeeper
shutdown
!
!
telephony-service
ip source-address 10.10.60.1 port 2000
no service local-directory
service dnis dir-lookup
max-conferences 8 gain -6
web admin system name admin secret 5 $1$8Q/7$wDybMpgoX1WUDELLPtD7O.
dn-webedit
time-webedit
transfer-system full-consult
directory entry 1 1002 name SALES
!
!
MEC-DOHA(config)#
------------------------------------------
10.10.70.1 (Branch Office CME Router)
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname MEC_INDAREA
!
boot-start-marker
boot system flash0:c2900-universalk9-mz.SPA.154-3.M.bin
boot system flash0:c2900-universalk9-mz.SPA.152-4.M6a.bin
boot-end-marker
!
!
enable secret 5 $1$nCg/$a2HoKk1R/V28iwwr/yOuy/
!
no aaa new-model
!
!
!
!
!
ip dhcp pool VOICE
network 10.10.70.0 255.255.255.0
default-router 10.10.70.1
dns-server 10.10.70.1 8.8.8.8
option 150 ip 10.10.70.1
!
!
!
ip domain name yourdomain.com
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
!
!
!
!
!
!
trunk group MyTrunkGroup
!
cts logging verbose
!
voice-card 0
!
!
voice call send-alert
voice rtp send-recv
!
voice service voip
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none
sip
bind control source-interface GigabitEthernet0/1
bind media source-interface GigabitEthernet0/1
registrar server expires max 600 min 60
!
!
!
!
voice register global
mode cme
source-address 10.10.70.1 port 5060
max-dn 35
max-pool 25
timezone 31
create profile sync 0006251728330142
!
voice register dn 1
number 2001
!
voice register dn 2
number 2002
!
voice register dn 3
number 2003
!
voice register pool 1
busy-trigger-per-button 2
id mac E0D1.73E5.1F03
type 7821
number 1 dn 1
!
voice register pool 2
busy-trigger-per-button 2
id mac E0D1.73E5.209D
type 7821
number 1 dn 2
!
voice register pool 3
busy-trigger-per-button 2
id mac E0D1.73E5.2085
type 7821
number 1 dn 3
!
!
!
!
!
!
license udi pid CISCO2901/K9 sn FCZ1842C39A
hw-module pvdm 0/0
!
!
!
username admin privilege 15 secret 5 $1$wDqb$jrxUG6abswL62ZlGdLhLO0
!
redundancy
!
!
ip tcp path-mtu-discovery
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$
ip address 10.10.20.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 10.10.70.1 255.255.255.0
duplex auto
speed auto
h323-gateway voip interface
h323-gateway voip bind srcaddr 10.10.70.1
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip route 0.0.0.0 0.0.0.0 10.10.20.254
!
!
!
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 23 permit any
!
control-plane
!
!
voice-port 0/0/0
trunk-group MyTrunkGroup 1
timeouts interdigit 5
caller-id enable
!
voice-port 0/0/1
trunk-group MyTrunkGroup 2
timeouts interdigit 5
caller-id enable
!
voice-port 0/0/2
trunk-group MyTrunkGroup 3
timeouts interdigit 5
caller-id enable
!
voice-port 0/0/3
trunk-group MyTrunkGroup 1
timeouts interdigit 5
caller-id enable
!
!
!
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
dial-peer voice 1000 voip
destination-pattern 1...
session target ipv4:10.10.60.1
incoming called-number 2...
dtmf-relay h245-alphanumeric
no vad
!
dial-peer voice 2000 voip
destination-pattern 2...
session target ipv4:10.10.70.1
!
dial-peer voice 999 pots
trunkgroup MyTrunkGroup
description **EMERGENCY**
destination-pattern 999
forward-digits all
!
dial-peer voice 9999 pots
trunkgroup MyTrunkGroup
description **EMERGENCY**
destination-pattern 9999
forward-digits 3
!
dial-peer voice 444 pots
trunkgroup MyTrunkGroup
description **LOCAL**
destination-pattern 94.......
forward-digits 8
!
dial-peer voice 333 pots
trunkgroup MyTrunkGroup
description **MOBILE**
destination-pattern 9[3-8].......
forward-digits 8
!
dial-peer voice 111 pots
trunkgroup MyTrunkGroup
description **INTERNATIONAL**
destination-pattern 9T
!
!
!
!
gatekeeper
shutdown
!
!
telephony-service
max-ephones 10
max-dn 10
ip source-address 10.10.70.1 port 2000
max-conferences 8 gain -6
transfer-system full-consult
create cnf-files version-stamp Jan 01 2002 00:00:00
!
!
!
MEC_INDAREA#
I hope to get some help
Solved! Go to Solution.
04-10-2015 02:44 AM
Gr8 to see you got it solved.
Additionally check the dial-peer going from HQ to BR is using SIP whereas H.323 viceversa. You can check if it's done purposefully.
Since you are not using any translation profiles while calling between sites, dial-peer 1000 in HQ and 2000 in RB seems of no use.
Thanks
Vivek
04-10-2015 02:36 AM
Guys the problem has been solved, It was an issue from toll fraud application which was blocking the call.
Following commands were entered and it worked !!
Gw(Conf)# voice service voip
Gw(Conf)# no ip address trusted authenticate
04-10-2015 02:44 AM
Gr8 to see you got it solved.
Additionally check the dial-peer going from HQ to BR is using SIP whereas H.323 viceversa. You can check if it's done purposefully.
Since you are not using any translation profiles while calling between sites, dial-peer 1000 in HQ and 2000 in RB seems of no use.
Thanks
Vivek
04-30-2015 02:11 AM
Thanks Vivek :)
04-30-2015 02:33 AM
You are most welcome!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide