10-19-2011 12:52 PM - edited 03-11-2019 02:40 PM
The Voip pbx resides on a seperate lan, not connected to the ASA. Users from behind the ASA (inside) try to connect to the VOIP pbx using a soft phone. The Voip connection is established, however users cannot here conversations on either end.
Im assuming this is possibly a Sip and Pat issue? The ASA firewall is using a seperate Global IP for PAT. Also I have opened ports on the outside interface for SIP udp 8081, 2088,16000-16010 and 15000-15511. I have both SIP and H323 h225 inspection in place as well.
10-19-2011 04:34 PM
Hello,
At this moment the best option would be to do some captures and debug for the h323 h225 events.
Regards,
Julio
10-20-2011 08:41 AM
Is the VoIP PBX on the outside interface or inside interface? If it's on the outside you may want to look into NAT hairpinning.
10-20-2011 09:37 AM
The VOIP PBX is on the outside. The problem may be fixed now. One of the users changed his client settings in regards to Firewall Traversal . By changing the Traversal method to NONE it seems to work. Previously there was a Checkpoint firewall that the ASA replaced. Im not sure what changed in regards to the VOIP between firewalls. The Softphone Client is X-lite
10-20-2011 09:40 AM
I just went through this exact same scenario (swapping Checkpoint w/ ASA). Be careful because the issue was hit or miss. Again look into NAT hairpinning.
10-20-2011 05:50 PM
Most likely you are not maching the default inspection since it should be working on the known port 5060, as a personal recommendation I will use the fixup for SIP to match the port 5060, also you can confirm if he inspection is actually matching the sip traffic using the debug sip and debug sip ha in order to verify if it is working properly, in case you would like to find out why it is not working as expected please do not hesitate on keep posting, I will be more than glad to assist you on this.
In case you would like to continue working can you provide me the following information
show run of the ASA you are using
debug sip and debug sip ha
captures of the traffic on the inside and the outside
Can you confirm me if the no audio is both ways or if one of them can actually hear something.
Regards,
Luis Sandi
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: