Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1431
Views
0
Helpful
3
Replies

SIP/RTP issue behind NAT device

fhoban
Level 1
Level 1

‎06-21-2019 02:05 AM

Hello,

 

I've an issue where outbound calls work from skype clients to external phones but inbound dont ; the call connects but no audio is available. The setup is fairly simple. We have a gateway server on the LAN that connects out to the sip provider cloud. The setup is

client/server>switch>NAT router Cisco 2911>Internet>SIP Provider

 

Information from the Provider is as follows. We only need these ports open between the sip server and phone gateway.

 

SIP Server: sip.xxxxxxx.com
SIP Port:
Protocol: UDP
SIP Port: 5060

RTP Port:
Protocol: UDP
RTP Port Range: 30000 to 40000

Supported Codecs:
1st Priority: G711A (Alaw)

 

Current NAT rules are as follows where for example 10.10.10.1 is the Gateway on the LAN

 

ip nat inside source list ANY interface VlanXXX overload
ip nat inside source static udp 10.10.10.1 5060 interface Vlan666 5060

 

The LAN voice gateway is configured to send traffic on udp ports 35000+

 

The NAT translations on the outbound calls that work are below.

For the example the

LAN Gateway = 10.10.10.1

sip public IP = 20.20.20.20

NAT router Public IP = 30.30.30.30

 

CISCO 2911# sh ip nat translations

udp 30.30.30.30:5060 10.10.10.1:5060 20.20.20.20:5060 20.20.20.20:5060
udp 30.30.30.30:1028 10.10.10.1:35190 20.20.20.20:30496 20.20.20.20:30496
udp 30.30.30.30:1026 10.10.10.1:35191 20.20.20.20:30497 20.20.20.20:30497

 

I've tried to do a static udp NAT with port range/route map and also using an 'ip nat port-map command.

Does this type of setup require a static NAT on the RTP ports as well to work ? The NAT device is a Cisco2911

 

Any advice/documentation on this would be appreciated.

 

Thanks in advance.

 

1 person had this problem
Labels:
0 Helpful
3 Replies 3

Mike_Brezicky
Cisco Employee
Cisco Employee

‎06-21-2019 04:30 AM

So your inbound call signaling is working but the media stream is not sending?
Are you doing any SIP inspection on the router?
Also, does the ISP expect the public IP to be sent in the header? I have a couple NAT'ed sip trunks where it works seamless, but a few international ones I need a good bit of SIP normalizaiton, modification of headers to get it working.

Are you able to get a packet capture of an inbound call?
0 Helpful

fhoban
Level 1
Level 1
In response to Mike_Brezicky

‎06-21-2019 05:38 AM

Hi Mike,

Only config on the router is the NAT and an ACL on the ISP facing interface which is not blocking anything. I'm not sure about the ISP. I will try and get packet capture from client.

 

Thanks!

0 Helpful

fhoban
Level 1
Level 1
In response to Mike_Brezicky

‎06-21-2019 05:56 AM

This is logs from voice gateway on site.

 

Preview file
349 KB
0 Helpful
Customers Also Viewed These Support Documents