Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1199
Views
5
Helpful
3
Replies

"NAT Aware" SIP trunk in Call Manager 8.5

Go to solution
jyoung
Level 1
Level 1

‎09-26-2013 11:33 AM - edited ‎03-16-2019 07:34 PM

I currently have CM8.5 running with a SIP provider trunk out to the internet.  It is running via CUBE that is on a DMZ.  The firewall is an ASA and it is doing SIP inspection, so the payload is being NAT'd along with the ip headers.  We are replacing the ASA with another firewall that appearently does not do SIP inspection.  Is there a way in CM8.5 to setup a SIP trunk with the global IP address being used in the SIP payload instead of the internal address?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jonathan Schulenberg
Hall of Fame
Hall of Fame

‎09-27-2013 05:59 AM

Nope. CUCM is not supposed to be exposed to an untrusted network. CUBE can do it if you bypass the firewall and give the outside interface a public IPv4 directly. If you have sufficient CPU headroom, you could enable IOS zone-based firewalling to protect the router. If not, use an ACL to deny all traffic except to/from the ITSP SIP Proxy and established connections.

Please remember to rate helpful responses and identify helpful or correct answers.

View solution in original post

3 Replies 3

Go to solution
Jonathan Schulenberg
Hall of Fame
Hall of Fame

‎09-27-2013 05:59 AM

Nope. CUCM is not supposed to be exposed to an untrusted network. CUBE can do it if you bypass the firewall and give the outside interface a public IPv4 directly. If you have sufficient CPU headroom, you could enable IOS zone-based firewalling to protect the router. If not, use an ACL to deny all traffic except to/from the ITSP SIP Proxy and established connections.

Please remember to rate helpful responses and identify helpful or correct answers.

Go to solution
jyoung
Level 1
Level 1
In response to Jonathan Schulenberg

‎09-27-2013 12:38 PM

Thanks! Do you know if there is a configuration guide for CUBE setup that way?

Sent from Cisco Technical Support iPad App

0 Helpful

Go to solution
Jonathan Schulenberg
Hall of Fame
Hall of Fame
In response to jyoung

‎09-27-2013 12:43 PM

I don't have a working example of this handy; however, I have seen it mentioned during Cisco Live presentations. The recordings are now free at ciscolive365.com. If no one else responds, you may want to poke around there.

Please remember to rate helpful responses and identify helpful or correct answers.

0 Helpful
Customers Also Viewed These Support Documents