02-27-2017 06:57 PM - edited 03-13-2019 09:47 PM
Dear Sir,
I am using two Polycom Devices , models are Group 500 and Debut . These devices are under Cisco ASA 5525 Firewall. There is no error with Group 500 . But when I use Debut calling, video call is automatically drop in exactly every 5 minutes. So I suspect that ASA firewall default setting have timeout value.
======================================================================
***** Original / default *****
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
=========================================================================
So I changed to following values
timeout sunrpc 96:00:00 h323 96:00:00 h225 96:00:00 mgcp 96:00:00 mgcp-pat 96:00:00
timeout sip-provisional-media 0:02:00 uauth 3:00:00 absolute
Even though call is still drop in exactly every 5 minutes.
Could please advice to fix this problem. Thanks in advance.
02-27-2017 07:34 PM
Does anything appear in the firewall logs related to the event?
02-28-2017 10:02 AM
You could also do a packet capture on the ASA to see what is coming in and 'not' being responded to after 5 mins.
Are they both using the same protocol, H.323 or SIP?
Is it possible that encryption is involved?
03-06-2017 06:18 PM - edited 07-26-2018 10:37 AM
issues was solved, End point don't send the TCP keep alive message. Device developer confirm their device don't send the tcp keep alive. F5 is full proxy and drop the connection TCP time interval is reach because TCP keep alive is not arrive. So, I amend the TCP keep alive time interval from 5 minutes to 1 hour.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide