Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
808
Views
0
Helpful
5
Replies

Voice Traffic behind ASA

Go to solution
keven.jones
Level 1
Level 1

‎12-26-2010 06:07 AM - edited ‎03-11-2019 12:27 PM

Hello

Is there any known Issue for Voice Traffic on ASA 5520 running version 8.2, we are unable to pass voice traffic from inside to outside and vice-versa.

We tested connecting to SIP Gateway from insdie to outside but no luck and from outside to insdie its the same issue. We got Static NAT and ACL on inside and outside interface, is it something to do with default policy or Issue due to NAT.  Our Voice Gateway on inside network needs to communicate with Other Voice Gateway on Internet.

Please input

cheers

Keven

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to Marcin Latosiewicz

‎12-26-2010 09:09 AM

Yes. Exactly. Thanks Marcin

You need inspection to fixup the address from the inside interface to outside interface and vice versa and also open pin holes accordingly.

Also, make sure to issue "sh run service-policy" and make sure you see a line like this one below.

service-policy gobal_policy global

That should take care of it.

Dont' miss my ATE event Starts January 3, 2011: https://supportforums.cisco.com/community/netpro/ask-the-expert

-KS

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee

‎12-26-2010 06:46 AM

Do you have sip inspection enabled?

Issue "sh run policy-map" should be able to show you.

-KS

0 Helpful

Go to solution
keven.jones
Level 1
Level 1
In response to Kureli Sankar

‎12-26-2010 07:36 AM

Thank You KS for the reply, here is the output of show run policy-map.

Do you advice me to check anything else.

( I recollect I had issue with EMSTP and I removed from here, in Pix 525 SMTP issue was resolved with fixup command )

show run policy-map
!
policy-map type inspect dns preset_dns_map
parameters
  message-length maximum 512
policy-map global_policy
class inspection_default
  inspect dns preset_dns_map
  inspect rsh
  inspect rtsp
  inspect sqlnet
  inspect skinny 
  inspect sunrpc
  inspect xdmcp
  inspect netbios
  inspect tftp
  inspect pptp
  inspect ftp
class class_ftp
  inspect ftp

0 Helpful

Go to solution
Marcin Latosiewicz
Cisco Employee
Cisco Employee
In response to keven.jones

‎12-26-2010 08:43 AM

Keven,

Provided you're usuing standard port for skinny you can enabled this as first step ;-)

policy-map global_policy
class inspection_default
inspect sip

Which is what Kureli meant.

If you're using NAT, ASA needs to inspect payload of SIP messaging.

HTH,

Marcin

0 Helpful

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to Marcin Latosiewicz

‎12-26-2010 09:09 AM

Yes. Exactly. Thanks Marcin

You need inspection to fixup the address from the inside interface to outside interface and vice versa and also open pin holes accordingly.

Also, make sure to issue "sh run service-policy" and make sure you see a line like this one below.

service-policy gobal_policy global

That should take care of it.

Dont' miss my ATE event Starts January 3, 2011: https://supportforums.cisco.com/community/netpro/ask-the-expert

-KS

0 Helpful

Go to solution
keven.jones
Level 1
Level 1
In response to Kureli Sankar

‎12-26-2010 12:36 PM

Thanks KS

Its working like a champion.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card