Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
538
Views
5
Helpful
5
Replies

IP Telephony in Full Nat Environment

Go to solution
kumar.22.gaurav
Level 1
Level 1

‎01-21-2013 12:04 AM - edited ‎03-16-2019 03:16 PM

HI Everybody,

I handle operations of Firewall.

I have a question regarding the capability of IP Telephony since I am not an expert in that.

We have a network with one central site and two remote locations connceted to Central site via Metro-Ethernet.

We have routers on all the three locations behind which we have Cisco ASA 5520.

Both the remote locations do not have any direct connectivity and is routed through Central router.

At DMZ in central site we have Cisco Call Manager for Cisco VOIP phone on central and remote sites.

We have VPN from both remote sites to central sites and one between both remote sites.

My Questions.

1) If Call manager goes down after call setup between two remote location IP Phones, will existing call continue?

2) If we use NAT for the communication between all sites will ip telephony keep on working? What will be the impact?

3) If answer to question 2 is, yes, then what happens if call manager goes down (will the communication go through the remote site to remote site VPN)?

Attached is a network diagram for reference.

If there is any similar post which answers all of the above, please tell me as I am new to this forum and tried to search but haven't found any.

Thanks for enlightening.

Regards

Gaurav Kumar

Labels:
Preview file
54 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joseph Martini
Cisco Employee
Cisco Employee

‎01-21-2013 05:28 AM

1) If Call manager goes down after call setup between two remote location IP Phones, will existing call continue?

Yes, phones will maintain a call between two IP phones even if they lose connection to the call manager server.  The audio path is directly between the phones so the phones continue to send and receive audio without the server.

2) If we use NAT for the communication between all sites will ip telephony keep on working? What will be the impact?

It can be done but it is diffucult.  NAT has to be able to do deep inspection to translate the IP addresses that are inside of the SCCP messages and/or SIP messages, not just the IP headers. 

3) If answer to question 2 is, yes, then what happens if call manager goes down (will the communication go through the remote site to remote site VPN)?

If the call manager is down you can't make a new phone call (unless you have SRST - Surviable Remote Site Telephony), but existing calls for the most part will stay up.

View solution in original post

5 Replies 5

Go to solution
Joseph Martini
Cisco Employee
Cisco Employee

‎01-21-2013 05:28 AM

1) If Call manager goes down after call setup between two remote location IP Phones, will existing call continue?

Yes, phones will maintain a call between two IP phones even if they lose connection to the call manager server.  The audio path is directly between the phones so the phones continue to send and receive audio without the server.

2) If we use NAT for the communication between all sites will ip telephony keep on working? What will be the impact?

It can be done but it is diffucult.  NAT has to be able to do deep inspection to translate the IP addresses that are inside of the SCCP messages and/or SIP messages, not just the IP headers. 

3) If answer to question 2 is, yes, then what happens if call manager goes down (will the communication go through the remote site to remote site VPN)?

If the call manager is down you can't make a new phone call (unless you have SRST - Surviable Remote Site Telephony), but existing calls for the most part will stay up.

Go to solution
kumar.22.gaurav
Level 1
Level 1
In response to Joseph Martini

‎01-22-2013 05:24 AM

Hey Joe,

Thanks for the answers.

Just one more quick question.

What is required for deep inspection and NAT? Is it a hardware dependency, a design dependency or a configuration requirement?

I have an environment having only cisco devices and nothing else. For VC we have Tandberg. Please suggest a document for better understanding.

Thanks in advance....

Regards

Gaurav Kumar

0 Helpful

Go to solution
Gordon Ross
Level 9
Level 9
In response to kumar.22.gaurav

‎01-22-2013 05:45 AM

You *really* want to avoid NAT with SIP & RTP. You're really better off using something like a VPN that is invisible to the phones.

GTG

Please rate all helpful posts.
0 Helpful

Go to solution
kumar.22.gaurav
Level 1
Level 1
In response to Gordon Ross

‎01-22-2013 05:55 AM

Right...I am already using VPN but at the same time I don't want anybody to see other persons IP So I am using nat in VPN as well. But not yet using for VOIP. I am planning to use it.

On top of that, leave it aside, if it should be done or not. I want to know how it can be done.

---Gaurav

0 Helpful

Go to solution
Gordon Ross
Level 9
Level 9
In response to kumar.22.gaurav

‎01-22-2013 06:00 AM

You're best bet to NAT SIP traffic is to use something like Cisco CUBE (

http://www.cisco.com/en/US/products/sw/voicesw/ps5640/ ) But that is really intended for SIP trunks, and not SIP endpoints.

You might be better off using CME at each site, and just having SIP trunks between them, which you NAT with CUBE.

GTG

Please rate all helpful posts.
0 Helpful
Customers Also Viewed These Support Documents