Hi,
We have a strange issue with Cisco ASA where the SIP traffic is NOT been dropped.
We configured the rules top drop TCP and UDP SIP traffic from certain IP addresses, but for some reason the calls are successful.
The packet tracer shows the traffic is been dropped but in reality the calls pass therough the firewall and are successfull.
Therer's no assymetric routing, all the traffic is been passed through the firewall. We verified this by rebooting the firewall during IOS (8.4) upgrade and during that period the calls were not successful.
This behaviour only happens with SIP traffic, other traffic like UDP, ICMP are successfully blocked.
We even tried service policy inspection but it didn't help either.
Any help on this will be appreciated.