Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
376
Views
0
Helpful
1
Replies

Lingo VOIP Can't get through pix 500 series firewall

brentclements
Level 1
Level 1

‎03-05-2005 05:15 PM - edited ‎02-20-2020 11:59 PM

We have the following setup:

Pix 500 series firewall running OS 5.3. We have 1 to 1 nat set up. Behind this firewall we have dlink lingo voip gateway.

The dlink lingo voip gateway has an external address of 192.168.5.5. We have a one to one nat set up where 64.xxx.xxx.xxx is the 192.168.5.5 address from the outside.

From a host outside of this network, we have ping the address, we can even access the web interface of the dlink voip gateway using the real ip address 64.xxx.xxx.xxx

We have set up a fixup for voip port 5060 and have set a access list range for ports 10000 - 20000

Here is the wierd part, the user can receive voip calls on the gateway/voip phone, but when we try to dial out, we get dialtone, but everytime we dial, we get a fast busy all of the time.

Is this a pix firewall issue, or voip phone issue? The really odd part is that we can take this dlink voip gateway and stick it on a dsl or cable configuration(not behind the pix firewall) and everything works like normal.

The dlink gateway even states that it's connected to the voip network.

Anybody have a clue where I can start looking to fix this problem?

-Brent

0 Helpful
1 Reply 1

fragomez
Level 1
Level 1

‎03-06-2005 11:59 AM

Brent,

Usually, when you get fast busy is because there is a routing problem on the voice gateway, but if you tell me that bypassing the PIX fixes the issue I will say that the problem is on the PIX.

Check bugs related with SIP and the PIX code you are running:

CSCdu66557

CSCdt83142

CSCdu11774

CSCdu12909

As you can see, there are a lot of problem with the PIX code you are running, I will recommend upgrading the PIX, the firewall is using a very OLD version which is not even supported by TAC. Make sure you upgrade to 6.3.4 which is a general deployment but please have in mind that this is a major change and could affect your Network.

On the other hand, have you tried opening IP for this host? Do you get the same problem?

Let me know if this helps....

Frank

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card