Shortel communicator through ASA

roger perkin · ‎11-12-2012

I am trying to troubleshoot an issue with a Shoretel IP Communicator server.

I have an Iphone with the Shortel communicator client and on the ASA we have a NAT to the Shoretel server and an access-l on port 80, 5447 and 5449 (tcp)

When connecting over wifi this works perfectly -

1.2.3.4:4321 > 192.168.254.100.5449:

1.2.3.4:23496 > 192.168.254.100.5447:

1.2.3.4:12925 > 192.168.254.100.80:

The external IP I get from the wifi network is 1.2.3.4 and it connects to all 3 ports and the calls work.

However when using cellular on AT&T network, a different IP is returned back in the log for port 5447 and 5449 than it does for port 80 ?

Port 80 is coming back from the right IP:

2.3.4.5.5408 > 192.168.254.100.80

Port 5447 is showing an entirely different IP

4.5.6.7.56206 > 192.168.254.100.5447

This time the call does not work?

So my question is what is the firewall doing with two different IP's connecting to the same server for the same session?

Is there anything that can be done on the ASA or do I have to go back to the ISP?

Has anybody seen this issue with Shoretel before?

Any help appreciated

Roger

Maykol Rojas · ‎11-12-2012

The firewall will take them as new connections, now if all 3 connections need to be in sync, you will definetely have a problem with the Connection.

There is an easy way to fix this not having to contact AT&T for suppor maybe we can try with an specific IP address and test.

What version are you running?

Mike Rojas.

Mike