ISP Failover issue on ASA for VoIP traffic

Chaitanya Krishna Narra · ‎06-16-2017

Hi All,

We are using Cisco 504G and Polycom phones in our premises and these phones will get register with SIP Server located at provider side.

We have configured Cisco ASA 5516 with two ISP's using IP SLA policies, for ISP failover and "Timeout floating-conn" for UDP connections to route VoIP traffic on second ISP, if primary ISP has down.

But, the ISP failover is working fine for all the PC's and Polycom phones in our Network, except from Cisco VoIP phones.

In our case, if primary ISP goes down all the Cisco VoIP phones are going to offline and was not trying to re-establish the connection to SIP Server on Backup ISP, until we clear the connections on firewall.

We are maintaining this setup in our ODC Network and it was an critical issue for us, please help me to get fix the issue.

Thanks.

johnd2310 · ‎06-21-2017

Hi,

Is SIP inspection enabled on the ASA firewall? Have you tried disabling SIP inspection?

Thanks

John

**Please rate posts you find helpful**

Chaitanya Krishna Narra · ‎06-25-2017

Hi John,

Thanks for your response.

The "SIP" inspection has enabled on our ASA Firewall and we have not tried by disabling "SIP" inspection on Firewall.

As we are using this setup on Secure ODC network, is it recommendable to disable "SIP" inspection on Firewall or do we need to create any ACL's to protect the inbound traffic on Firewall, by disabling "SIP" inspection.

Please help us.