Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation

Who Me Too'd this topic

One way audio over VPN

benjamin.a
Level 1
Level 1

‎01-24-2013 09:32 AM

I have 2 Cisco 1941 routers with a standard IPSec tunnel between them. Data works fine, but VoIP is encountering a one way audio issue where the remote site calling cannot be heard but they can hear me.  This seems to match what I'm seeing in encaps and decaps. The quesion I'm having is why would the remote site be encapsulating all packets but the office router isn't decaping these audio packets. I isolated one phone specifically so that's why the SA is for only 1 host.

Thanks!

OFFICE ROUTER

   protected vrf: (none)

   local  ident (addr/mask/prot/port): (192.168.0.0/255.255.0.0/0/0)

   remote ident (addr/mask/prot/port): (10.90.91.6/255.255.255.255/0/0)

   current_peer REMOTE_IP port 4500

     PERMIT, flags={origin_is_acl,}

    #pkts encaps: 4104, #pkts encrypt: 4104, #pkts digest: 4104

    #pkts decaps: 375, #pkts decrypt: 375, #pkts verify: 375

    #pkts compressed: 0, #pkts decompressed: 0

    #pkts not compressed: 0, #pkts compr. failed: 0

    #pkts not decompressed: 0, #pkts decompress failed: 0

    #send errors 1, #recv errors 0

     local crypto endpt.: 192.168.0.227, remote crypto endpt.: REMOTE_IP

     path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0

     current outbound spi: 0x69C77389(1774678921)

     PFS (Y/N): N, DH group: none

     inbound esp sas:

      spi: 0xEA4A3FF9(3930734585)

        transform: esp-3des esp-sha-hmac ,

        in use settings ={Tunnel UDP-Encaps, }

        conn id: 2095, flow_id: Onboard VPN:95, sibling_flags 80000046, crypto map: VPN_MAP

        sa timing: remaining key lifetime (k/sec): (4409444/1207)

        IV size: 8 bytes

        replay detection support: Y

        Status: ACTIVE

REMOTE ROUTER

   protected vrf: (none)

   local  ident (addr/mask/prot/port): (10.90.91.6/255.255.255.255/0/0)

   remote ident (addr/mask/prot/port): (192.168.0.0/255.255.0.0/0/0)

   current_peer IP_OFFICE port 4500

     PERMIT, flags={origin_is_acl,}

    #pkts encaps: 4055, #pkts encrypt: 4055, #pkts digest: 4055

    #pkts decaps: 4099, #pkts decrypt: 4099, #pkts verify: 4099

    #pkts compressed: 0, #pkts decompressed: 0

    #pkts not compressed: 0, #pkts compr. failed: 0

    #pkts not decompressed: 0, #pkts decompress failed: 0

    #send errors 0, #recv errors 0

     local crypto endpt.: IP_REMOTE, remote crypto endpt.: IP_OFFICE

     path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0

     current outbound spi: 0xEA4A3FF9(3930734585)

     PFS (Y/N): N, DH group: none

1 person had this problem
Labels:
0 Helpful
Who Me Too'd this topic