05-17-2017 10:47 AM - edited 03-18-2019 01:07 PM
Hello there,
I am a little bit new to Video so i have this issue. I renamed an endpoint (SX10) in TMS and after the update, i started having issues with it. Its a standalone sx10 running TC7.3.7.01c84fd. I have a static NAT on the fortigate firewall (Private - Public). The sip URI is set to the private IP. When i make a call, i can see the video of the remote person and the audio comes through but he cant see me nor hear me. I have tried all i can to fix this but i am having issue. Any help would be appreciated.
Solved! Go to Solution.
05-17-2017 04:59 PM
Hi,
Changing the name in TMS has nothing to do with the issue you mentioned.
I think its a issue with either the ports on fortigate for media to send to&fro on your end or far end is not having right policies to allow media to be received.
Do a packet capture on inside and external interface of fortigate and see if you are sending media to far end or not.
Regards,
Alok
05-17-2017 11:33 AM
Hey,
do you see any error on the webgui of the unit? Are you registering to CUCM or VCS?
05-17-2017 12:22 PM
I use TMS and i dont see any errors
05-17-2017 05:18 PM
TMS is a management system, making a name change will not cause audio or video issues. The fact that the endpoint sends media but it is not receiving media, indicates a network issue, typically due to NAT issues where the far end sends the media to the Private IP of the SX10 instead of the Public NAT IP. I do recommend to check the NAT portion.
HTH
05-17-2017 05:57 PM
Thank you Elias,
Yes i am having NAT on both firewalls with each private IP translated to a public IP. One site is using sx10 and the other has an sx20. the sip uri of both units are their respective private IP addresses. I have policies that allow traffic for SIP TCP/UDP 5060,h323 TCP/1720 TCP/1503 UDP/1719, TCP/5555-6555, UDP/2326-2487.
My RTP on the codecs is between 60000 to 64999 which i have a policy too that allows traffice for it
05-17-2017 04:59 PM
Hi,
Changing the name in TMS has nothing to do with the issue you mentioned.
I think its a issue with either the ports on fortigate for media to send to&fro on your end or far end is not having right policies to allow media to be received.
Do a packet capture on inside and external interface of fortigate and see if you are sending media to far end or not.
Regards,
Alok
05-17-2017 06:13 PM
. I have policies that allow traffic for SIP TCP/UDP 5060,h323 TCP/1720 TCP/1503 UDP/1719, TCP/5555-6555, UDP/2326-2487.
My RTP on the codecs is between 60000 to 64999 which i have a policy too that allows traffice for it.
I did a packet capture and i saw many the below packets, I replaced the IPs with words:
<Source> Private IP for Sx10 -> <DSTN> Public IP of sx20: icmp: Private IP for sx10 udp port 60276 unreachable
<Source> Public IP for Sx10 -> <DSTN> Public IP of sx20: icmp: Public IP for Sx10 udp port 60276 unreachable
Sorry i clicked on correct answer by mistake
05-17-2017 06:13 PM
do you know about the port range of far end ? Since you are receiving the video i guess your NAT config on the endpoint should be fine, but since far end is not getting any video then i see two issues:
1) either your end ports are not opened to send media to far end on the ports its requesting
2) far end has config issues either on firewall (ports opening to receive media) or its behind a NAT and NAT is not configured on the endpoint.
So i would suggest to check what ports far end is using and open on your side.
Regards,
Alok
05-17-2017 07:03 PM
I have identical policies on both firewalls and NAT is enabled on both ends. The only ports that are missing on the far end (sx10) are 1935, 4000, UDP/16384-32767, TCP/UDP 5000-6000
I did a packet capture and i saw many the below packets, I replaced the IPs with words:
<Source> Private IP for Sx10 -> <DSTN> Public IP of sx20: icmp: Private IP for sx10 udp port 60276 unreachable
<Source> Public IP for Sx10 -> <DSTN> Public IP of sx20: icmp: Public IP for Sx10 udp port 60276 unreachable
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide