10-18-2019 07:50 AM - edited 10-18-2019 07:58 AM
Dear All,
I need some help regarding router configurations. I am using Cisco 3845 with Cisco IOS Software, 3800 Software (C3845-ADVIPSERVICESK9-M), Version 12.4(10), RELEASE SOFTWARE (fc1) & Cisco-3750-G-SW.
We have 3 ISPs terminating into Cisco-3750-G then we terminated these ISPs into router on sub-interfaces.
1st ISP is for VOIP >>>>>>>>>>>>>> Used for 2 VOIP servers on cloud on port 5050
2nd ISP is for all other data traffic
3rd is SIP Trunk from ISP >>>>>>> Used for 1 VOIP server on port 5060
We are doing PBR so that the VOIP traffic for server 1 and server 2 go via 1st ISP and all other data traffic is going via 2nd ISP.
Core-Router is enabled for PAT for all of these ISPs. We have only 1 LAN for all of these WAN connection.
Issue is with (IP NAT SERVICE SIP UDP PORT 5050). Should I have to enable it because we have 2 VOIP servers on cloud on port 5050.
When I enabled above command some voip packets start dropping.
Can someone help in this issue. What should I do with IP NAT sip service?
I am also posting the configurations, Kindly check these configuration if I am missing something.
Configurations of Cisco-3845
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Core-Router
!
logging userinfo
logging buffered 4096 debugging
no logging console
no logging monitor
!
no aaa new-model
clock timezone UTC 5
no ip source-route
no ip gratuitous-arps
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.32.1 192.168.32.100
ip dhcp excluded-address 192.168.33.1 192.168.33.100
!
ip dhcp pool dhcp
network 192.168.32.0 255.255.254.0
default-router 192.168.32.1
dns-server 8.8.8.8
lease 0 0 30
!
ip domain name routerips.com
ip name-server 8.8.8.8
ip ssh logging events
ip ssh version 2
!
login on-failure log
login on-success log
!
interface GigabitEthernet0/0
description WAN
no ip address
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/0.100
description WAN-1stISP
encapsulation dot1Q 100
ip address 192.168.10.2 255.255.255.0
ip nat outside
ip virtual-reassembly max-reassemblies 64
!
interface GigabitEthernet0/0.200
description WAN-2ndISP
encapsulation dot1Q 200
ip address XXX.XX.XX.XXX 255.255.255.248
ip nat outside
ip virtual-reassembly max-reassemblies 64
!
interface GigabitEthernet0/0.3523
description WAN-SIPTrunk
encapsulation dot1Q 3523
ip address XX.XXX.XXX.XX 255.255.255.248
ip nat outside
ip virtual-reassembly
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1.300
description LAN-Network
encapsulation dot1Q 300
ip address 192.168.32.1 255.255.254.0
ip nat inside
ip virtual-reassembly max-reassemblies 64
ip policy route-map asterik
!
ip route 0.0.0.0 0.0.0.0 towards 2nd ISP
ip dns server
!
no ip http server
no ip http secure-server
ip nat service sip tcp port 5050
ip nat service sip udp port 5050
no ip nat service sip tcp port 5060
no ip nat service sip udp port 5060
!
ip nat inside source route-map 3rd-ISP interface GigabitEthernet0/0.3523 overload
ip nat inside source route-map 1st-ISP interface GigabitEthernet0/0.200 overload
ip nat inside source route-map 2nd-ISP interface GigabitEthernet0/0.100 overload
!
route-map 3rd-ISP permit 10
match ip address 100
match interface GigabitEthernet0/0.3523
!
route-map 2nd-ISP permit 10
match ip address 100
match interface GigabitEthernet0/0.100
!
route-map 1st-ISP permit 10
match ip address 100
match interface GigabitEthernet0/0.200
!
route-map asterik permit 10
match ip address 160
set ip next-hop 192.168.10.1 (2nd-ISP Next Hop which is using as default route)
!
route-map asterik permit 20
match ip address 150
set ip next-hop XXX.XX.XX.XXX ( Next-Hop Address for VOIP Servers traffic only) Destination based Policy routing
!
scheduler allocate 20000 1000
process cpu threshold type total rising 80 interval 5
ntp logging
ntp clock-period 17180097
ntp server 216.239.35.0
ntp server 216.239.35.4
ntp server 216.239.35.8
ntp server 216.239.35.12
10-18-2019 08:13 AM - edited 10-18-2019 08:13 AM
Is the SIP issue due to high CPU
what is causing high CPU ?
can you post output
show process cpu sorted | ex 0.00%
show version
10-22-2019 10:51 AM
10-22-2019 10:52 AM
10-22-2019 10:53 AM
10-22-2019 11:39 AM
Hello,
you did not post the actual access lists. Are there any 'deny' statements in the access lists ?
10-22-2019 11:57 AM
10-22-2019 11:57 AM
10-22-2019 12:29 PM
Hello,
your router is very old (end of sale date was 2011), and the IOS version you are running is extremely outdated. You might just be running into a hardware failure.
10-22-2019 02:02 PM
10-22-2019 02:39 PM
Try 15.1.4M12a MD, which is the latest and recommended release...
https://software.cisco.com/download/home/279042634/type/280805680/release/15.1.4M12a
10-22-2019 01:10 PM
what kind of WAN Utilisation, Hope all are static router or any dynamic routing here on router ?
what was the uptime of the router, before you rebooted last time ?
10-22-2019 02:04 PM
10-22-2019 02:11 PM
10-22-2019 02:39 PM
what kind of bandwidth utilisation ? or internet pipe you have ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide