Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5003
Views
0
Helpful
34
Replies

CUCME do not register, no outbound call

Go to solution
o0chrisb0o
Level 1
Level 1

‎11-11-2019 09:47 AM - edited ‎11-11-2019 10:46 AM

Hi,

I'm pulling my air out since last week. Here's my problem. It has been over a year that I setup a phone system, and everything was working fine. Then I changed my setup last week.

 

My old setup was basically like this:

cucme (2811) ==> ISP Router ==> Twilio (SIP Trunk) (NAT was made directly on the 2811)

 

Now my setup is as follow

cucme (2811) ==> router (1941) ==> PFSense FW (NAT happen here) ==> ISP Router (Bridge Mode) ==> Twilio.

 

What's working:

  • All phones can communicate between them internaly
  • All inbound call works flawlessly

What's not working:

  • Outbound calls

Here's the symptoms when I try to do an outbound call, when a pickup the phone and dial a outside number, I press 9, then I hear the fast dialtone, as usual, then type the number, I see the "Ring Out" on the phone screen, but nothing happen, no sound or click can be heard on the phone.

 

When I check the debug messages, I can see that the systems try to register to Twilio, but I do not receive any response from them. When I check the debug console at Twilio, it seems that they do not even received anything. (I'll include all the logs, pcap (from firewall) and config)

 

I have a feeling that it's related to the NAT, since it was working perfectly when the NAT was made by the 2811, I check for STUN and ALG but I don't know where to start or how it really works.

I would like to get your opinion on the matter, right now it beyond me and I would like to learn from that experience!

 

Looking forward for your help, I'm sure it's a small detail that I overlooked.

Preview file
13 KB
Preview file
25 KB
Preview file
181 KB
0 Helpful
34 Replies 34

Go to solution
TONY SMITH
Spotlight
Spotlight
In response to o0chrisb0o

‎04-03-2020 11:39 AM

Only got time for a quick response just now.  I think you may be on the right lines with the SIP profile, but the example you posted would only alter an Invite, whereas the comments from Twilio refer to the header in your outgoing OK message.  You can tweak your profile accordingly, something like ..

response 200 sip-header Contact modify "192.168.20.1" "76.64.244.127"

Are you aware of the SIP Profile Test Tool .. https://cway.cisco.com/tools/SipProfileTest/

0 Helpful

Go to solution
o0chrisb0o
Level 1
Level 1
In response to TONY SMITH

‎04-03-2020 01:43 PM - edited ‎04-03-2020 02:26 PM

Thanks, Tony,

I did not know about this tool. Very handy, so I tested the following statement in my config as well as in the test tool:

voice class sip-profiles 10
  response 200 sip-header Contact modify “<sip:(.*)@192.168.20.1:5060>" "<sip:64.114.20.54:5060>"

Then I call the profile in the `voice service voip` section under the sip configuration like so:

voice service voip
 ip address trusted list
 ---  snip ---
 allow-connections sip to sip
 no supplementary-service sip handle-replaces
 sip
  bind control source-interface FastEthernet0/0.20
  bind media source-interface FastEthernet0/0.20
  registrar server expires max 3600 min 600
  early-offer forced
  sip-profiles 10 ##HERE

Then, it freaking WORKED!!!!! At last! I'm so happy! I want to thank you for all the help you provided to help me troubleshoot this issue.

Ultimately, I will replaced my PFSense firewall with a Cisco ASA5515x so this can be done automatically in the firewall. Because, right now, every time my IP change, I'll need to adjust my config, which is a pain in the butt. Now I can move on to another project!

 

Thank you very much for your help.

0 Helpful

Go to solution
TONY SMITH
Spotlight
Spotlight
In response to o0chrisb0o

‎04-06-2020 08:19 AM

Good stuff.  There are a couple of tweaks you can make.  If your internal IP address is likely to change you can make your profile replace anything with the desired address.  Like the following example ..

response 200 sip-header Contact modify "@(.*):5060>" "@76.64.244.127:5060>"

The other tweak is to apply the profile to your ITSP facing dial peers, rather than globally, so it only re-writes headers where required.  

0 Helpful

Go to solution
o0chrisb0o
Level 1
Level 1
In response to TONY SMITH

‎04-06-2020 09:08 AM

Thanks for the tweaks, what I meant, is my public IP will change, mostly after a power outage or if I reboot my firewall. It's no big deal, it doesn't happen that often.

 

As for the dial-peer, I did put the profile in it first, but it wasn't working, I had to put it in the global SIP config to make it work.

 

Thanks!

0 Helpful

Go to solution
TONY SMITH
Spotlight
Spotlight
In response to o0chrisb0o

‎04-07-2020 09:10 AM

That's going to be a pain, the external IP changing.   I must say I've never seen a service provider who worried about the IP address specifically in the Contact header.  I don't think anything is going to re-write that header automatically.

Regarding applying the profile to the dial peer, if you have separate inbound and outbound dial peers facing the ITSP then I'm not sure whether the profile needs to be on the inbound or outbound, since the message you're concerned with is a response to an inbound Invite.

0 Helpful
Customers Also Viewed These Support Documents