Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2023
Views
0
Helpful
4
Replies

Is SIP behind NAT possible with this hardware?

Go to solution
andymccall
Level 1
Level 1

‎01-12-2014 08:27 AM - edited ‎03-16-2019 09:12 PM

Hi Folks,

I've got to the point where I'm thinking of giving up on the hardware I've got because I don't think it will work, which is strange as I would have thought for a small business this would be a common configuration, unfortunately it means I'll be moving to something like DrayTek (I'd prefer to stay with Cisco though). So this is my final attempt at getting this working!

SIP TRUNK-> Cisco 877 (NAT'ing) <--> Cisco 2611XM & CME 4

  • Internal calls are working
  • Outgoing calls via SIP trunk and PTSN are working
  • Incoming calls fail

My configuration on the CME is:

voice service voip

allow-connections h323 to h323

allow-connections h323 to sip

allow-connections sip to h323

allow-connections sip to sip

no supplementary-service sip moved-temporarily

no supplementary-service sip refer

sip

header-passing

registrar server

outbound-proxy dns:voip.zen.co.uk

voice translation-rule 1

rule 1 /^9\(.*\)/ /\1/

voice translation-rule 2

rule 1 /.*/ /01xxxxx8882/

voice translation-profile SIP

translate calling 2

translate called 1

voice-port 1/0/1

no comfort-noise

voice-port 1/1/0

trunk-group VIC2-2FXO

supervisory disconnect dualtone mid-call

no battery-reversal

no comfort-noise

cptone GB

timeouts call-disconnect 5

timeouts ringing 90

timeouts wait-release 5

timing digit 80

timing inter-digit 80

connection plar opx 1001

!

voice-port 1/1/1

no comfort-noise

!

dial-peer voice 100 pots

trunkgroup VIC2-2FXO

description PSTN Dial Peer

destination-pattern 8T

incoming called-number .

no sip-register

!

dial-peer voice 200 voip

description SIP Outgoing Dial Peer

translation-profile outgoing SIP

destination-pattern 9T

voice-class sip outbound-proxy dns:voip.zen.co.uk

session protocol sipv2

session target dns:voip.zen.co.uk

session transport udp

dtmf-relay rtp-nte

codec g711ulaw

no vad

dial-peer voice 150 voip

description SIP Incoming Dial Peer

voice-class sip outbound-proxy dns:voip.zen.co.uk

session protocol sipv2

session target dns:voip.zen.co.uk

session transport udp

dtmf-relay rtp-nte

codec g711ulaw

no vad

!

gateway

timer receive-rtp 1200

!

sip-ua

authentication username 01xxxxx8882 password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxx

registrar dns:voip.zen.co.uk expires 3600

sip-server dns:voip.zen.co.uk

host-registrar

permit hostname dns:voip.zen.co.uk

permit hostname dns:asterisk01.voip.zen.co.uk

permit hostname dns:asterisk02.voip.zen.co.uk

ephone-dn 1 dual-line

number 8882 secondary 012xxxx8882 no-reg both

label Andy McCall

name 012xxxx8888

call-forward noan 90xxxxxx188 timeout 30

I've taken out all of the settings from my 877, so at the moment its just NAT'ing for outgoing.

no ip nat service sip udp port 5060

ip nat inside source list 1 interface Dialer1 overload

ip route 0.0.0.0 0.0.0.0 Dialer1

ip route 192.168.2.0 255.255.255.0 192.168.1.254

!

access-list 1 permit 192.168.0.0 0.0.255.255

The things I've tried that people have suggested and I've read about:

  • Adding a static route for 5060 to 192.168.1.254 to the 877 - this gets traffic to the CME, but the call doesn't ring and I get an INVALID HOST problem because the SIP trunk's IP addresses are not registered on the CME
  • Adding the external IP's of the SIP provider to a loopback device - this stopped all calls working as all traffic that was ment for the SIP trunk, went to the loopback device
  • Binding control and media source interface to FastEthernet0/0.1 - no changes

Please can someone help me, or is it simply a limitation of Cisco equipment that it can't work behind NAT?

Thanks!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Carlo Poggiarelli
VIP
VIP

‎01-12-2014 12:34 PM

Hi Andy.
Please send the output of a debug ccsip messages during an outgoing call.
You don't need any static nat on your 877 and no particular routing to let your CME to communicate with your SIP provider.

Regards

Carlo

Sent from Cisco Technical Support iPhone App

Please rate all helpful posts "The more you help the more you learn"

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Carlo Poggiarelli
VIP
VIP

‎01-12-2014 12:34 PM

Hi Andy.
Please send the output of a debug ccsip messages during an outgoing call.
You don't need any static nat on your 877 and no particular routing to let your CME to communicate with your SIP provider.

Regards

Carlo

Sent from Cisco Technical Support iPhone App

Please rate all helpful posts "The more you help the more you learn"
0 Helpful

Go to solution
andymccall
Level 1
Level 1
In response to Carlo Poggiarelli

‎01-13-2014 02:38 AM

Thanks for the reply Carlo,

I've attached the output of a debug ccsip messages,  the call completed fine.

At the moment when trying to make an incoming call nothing hits the CME at all, but I wasn't sure if it should as there are no static routes.  Call me stupid, but how can the call come through to the CME if there are no static routes?  Should the NAT handle this automatically once the outgoing sip trunk has been registered?

Maybe I'm looking in the the wrong place - it looks like the dial peer isn't even up - should the OPER PREFIX say up?

2611xm-1#sh dial-peer voice summary

dial-peer hunt 0

             AD                                    PRE PASS                OUT

TAG    TYPE  MIN  OPER PREFIX    DEST-PATTERN      FER THRU SESS-TARGET    STAT PORT

100    pots  up   up             8T                 0                      up   trunkgroup VIC2-2FXO

200    voip  up   up             9T                 0  syst dns:voip.zen.co.uk

150    voip  up   down                              0  syst dns:voip.zen.co.uk

20001  pots  up   up             8882$              0                           50/0/1

20002  pots  up   up             01xxxxx8882$       9                           50/0/1

20003  pots  up   up             8883$              0                           50/0/2

20004  pots  up   up             01xxxxx8883$       9                           50/0/2

20005  pots  up   up             8884$              0                           50/0/3

20006  pots  up   up             01xxxxx8884$       9                           50/0/3

Thanks,

15373796-outboundcall.txt.zip
0 Helpful

Go to solution
andymccall
Level 1
Level 1
In response to Carlo Poggiarelli

‎01-13-2014 02:15 PM

I *finally* got incoming calls working today!  Yes, no static route was needed.  There were a few different problems.

The only two things I have left to work on are:

Calls coming in via SIP that are forwarded on noan to a mobile connect, but don't have any audio (not sure if this is a transcode or a NAT issue).  I've temporarily got around this by diverting via the POTS line, rather than the SIP trunk.

BLF pickup doesn't work, you have to press Pickup then the BLF button, I was under the impression I should just be able to pickup the call by pressing the BLF key.

Thanks for the help.

0 Helpful

Go to solution
Dennis Mink
VIP Alumni
VIP Alumni
In response to andymccall

‎01-13-2014 04:48 PM

Andy can you share you full config for future reference and provide the technical details on what fixed it.

Thanks



=============================
Please remember to rate useful posts, by clicking on the stars below. 

=============================

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful
Customers Also Viewed These Support Documents