How do I configure SIP properly. I keep getting, "Vonage device cannot connect to the vonage network". Here is my show version output. It does supprt SIP.

"Cisco Internetwork Operating System Software

IOS (tm) 3600 Software (C3620-IK9O3S6-M), Version 12.3(18), RELEASE SOFTWARE (fc3)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2006 by cisco Systems, Inc.

Compiled Wed 15-Mar-06 22:18 by dchih

Image text-base: 0x60008B00, data-base: 0x61A1C000

ROM: System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)

ROM: 3600 Software (C3620-IK9O3S6-M), Version 12.3(18), RELEASE SOFTWARE (fc3)

DEFCON-WAN-ROUTER uptime is 11 hours, 27 minutes

System returned to ROM by power-on

System image file is "flash:c3620-ik9o3s6-mz.123-18.bin"

Hi,

there is nothing special in Vongaes, I assume you NAT config is OK. Check with "show ip nat translatations" that the translation in created as expected.

Beside that I wouldn't know what to say.

That is the problem. I have the ACL setup to allow that subnt as I do the other subnet (which NATs fine). But when I do a show nat trans I do see ANY translation for the subnet.

Would you post all your configuration that is relevant to nat ?

interface Ethernet0/0

description WAN INTERFACE TO COX ISP

bandwidth 10000

ip address dhcp

ip access-group External in

ip nat outside

ip multicast ttl-threshold 8

ip multicast tagswitch

full-duplex

no keepalive

arp timeout 300

no cdp enable

interface FastEthernet1/0

description DMZ INTERFACE TO LAN USERS AND WIRELESS USERS

bandwidth 100000

ip address 192.168.1.1 255.255.255.0

ip verify unicast reverse-path

no ip proxy-arp

ip nat inside

ip multicast ttl-threshold 2

ip multicast tagswitch

speed 100

full-duplex

arp timeout 60

no cdp enable

interface FastEthernet1/1

description VONAGE LINK

bandwidth 100000

ip address 192.168.2.1 255.255.255.0

ip access-group vonage_inbound in

ip access-group vonage_outbound out

ip verify unicast reverse-path

no ip proxy-arp

ip nat inside

no ip mroute-cache

speed 100

full-duplex

arp timeout 60

no cdp enable

ip nat log translations syslog

ip nat translation timeout 120

ip nat translation dns-timeout 5

ip nat inside source list 1 interface Ethernet0/0 overload

ip nat inside source static udp 192.168.255.254 161 65.182.16.88 161 extendable

ip nat inside source static udp 192.168.255.254 162 65.182.16.88 161 extendable

ip nat inside source static udp 192.168.1.1 161 65.182.16.88 161 extendable

ip nat inside source static udp 192.168.1.1 162 65.182.16.88 162 extendable

access-list 1 permit 65.182.16.88 log

access-list 1 permit 192.168.0.0 0.0.0.255 log

access-list 1 permit 192.168.1.0 0.0.0.255 log

access-list 1 permit 192.168.2.0 0.0.0.255 log

access-list 1 permit 192.168.3.0 0.0.0.255 log

access-list 1 permit 192.168.4.0 0.0.0.255 log

access-list 1 deny any log

NAT config seems fine. Can you try without the ACL vonage_inbound and vonage_outbound ?

How the vonage ATA gets an addess? Can you ping this address?

ACL was taken off. I cannot ping the address and it is directly connected. However it does show up in the arp tables with a "Sh Arp"

How the vonage ATA gets its address ?

Until you can ping it, I would say no chances to have it working.

I ended up having to create a NAT rule and open up UDP 10000 to keep my Vonage ATA working properly. Just a suggestion. I never had to enable SIP or SCCP through my router, either.

YMMV, though.

So I presume I do a static NAt translation for the UDP 10000. Thanks for clarifying ATA, I had no idea what it was. I will also assume since I use DHCP to get an address on the WAN side, I will need to change this static trand\s everytime I have a new IP on the outside.

Nah, I use DHCP also and keep up a translation like so:

ip nat inside source static udp 192.168.0.10 10000 interface FastEthernet4 10000

That's what I use for my Vonage, works well. Not sure if it's totally needed, though. Like I said, once I popped open UDP port 10000 in my ACL, it stayed connected to Vonage's network. I just have the nat translation there *just in case*.

How are you assigning your Vonage ATA an address, though? DHCP or static?

"How are you assigning your Vonage ATA an address, though? DHCP or static?" <--- what do you mean bythat. I can't remember how I set it up originally. But it was behind a Netgear router. Then that stopped working, so I put it behind the d-link and it didn't work. Thn I put the cisco 3620, before the D-link router and off another fa link put the vonage diretly connectedvia crossover (straight through cable wouldn't get a link). Do I have to specify my WAN IP with vonage. I remeber something about a MAC address before.

If you can't remember how you set up your ATA, then it may just be best to reset it and let it grab a proper DHCP address for its subnet in case you put in a static IP that isn't correct for the subnet it is on now.

And you don't have to specify your WAN IP with Vonage. . .all that should be automatically gotten. And the MAC address is so that the ATA device can be registered on Vonage's network.