Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1210
Views
0
Helpful
1
Replies

Cisco PIX 525 - Polycom VC problem (can call out but not receive call)

kimpoh.liaw
Level 1
Level 1

‎07-21-2011 02:38 AM - edited ‎03-11-2019 02:01 PM

Dear all,

I have this problem with the Polycom Video Conferencing (HDX 7000)

While we can initiate a video call to other locations, we can not receive a video call from other locations. Whenever there is a incoming call, the polycom is ringing fine. but once we answer the call, the call will be disconnected. Our access rules are listed below, 203.125.99.99 is our public IP for example.

Anyone can advise us on the possible solution? Note that we can receive the video call fine if we put the Polycom to DMZ.

thanks!

fixup protocol ftp 21

fixup protocol http 80

fixup protocol ils 389

fixup protocol rsh 514

fixup protocol rtsp 554

fixup protocol sqlnet 1521

fixup protocol sip 5060

fixup protocol skinny 2000

no fixup protocol smtp 25

no fixup protocol h323 h225 1720

no fixup protocol h323 ras 1718-1719

access-list 100 permit icmp any any unreachable

access-list 100 permit icmp any any time-exceeded

access-list 100 permit icmp any any echo-reply

access-list 100 permit tcp any eq https any

access-list 100 permit tcp any host 203.125.99.99 eq ldap

access-list 100 permit tcp any host 203.125.99.99 eq 1503

access-list 100 permit udp any host 203.125.99.99 eq 1718

access-list 100 permit udp any host 203.125.99.99 eq 1719

access-list 100 permit tcp any host 203.125.99.99 eq h323

access-list 100 permit tcp any host 203.125.99.99 eq 1731

access-list 100 permit tcp any host 203.125.99.99 eq 5060

access-list 100 permit udp any host 203.125.99.99 eq 5060

access-list 100 permit tcp any host 203.125.99.99 range 3230 3235

access-list 100 permit udp any host 203.125.99.99 range 3230 3253

access-list 200 permit tcp host 192.168.1.210 any

access-list 200 permit udp host 192.168.1.210 any

icmp deny any outside

mtu outside 1500

mtu inside 1500

arp timeout 14400

global (outside) 5 203.125.99.99 netmask 255.255.255.224

nat (inside) 5 192.168.1.210 255.255.255.255 0 0

static (inside,outside) 203.125.99.99 192.168.1.210 netmask 255.255.255.255 0 0

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

aaa-server TACACS+ protocol tacacs+

aaa-server RADIUS protocol radius

aaa-server LOCAL protocol local

Labels:
0 Helpful
1 Reply 1

varrao
Level 10
Level 10

‎07-21-2011 03:00 AM

Hi Kim,

Could you please enable fixup for h323 and h225, it should work after that.

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card