Buy or Renew
Buy or Renew
Cisco + Splunk: Itā€™s a new day for your data. Learn more.
Ā 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
982
Views
0
Helpful
3
Replies

SIP gateway with CUCM | one way voice during connected call

haider.rizwan
Level 1
Level 1

ā€Ž08-02-2017 06:06 AM - edited ā€Ž03-18-2019 01:22 PM

Hi,

I have CUCM 10.5 in HQ. remote site having Cisco 2811 router connected over IPSec VPN.

During outbound dialing, no incoming voice after every minutes or less but call remains connected.

please advise.

!
voice service voip
no supplementary-service sip handle-replaces
sip
bind control source-interface FastEthernet0/1
bind media source-interface FastEthernet0/1
!
voice class custom-cptone FXO-CUSTOM
dualtone disconnect
frequency 425
cadence 375 375
!
voice translation-rule 1
rule 1 /^.*/ /9&/
!
voice translation-profile from-PSTN
translate calling 1
!
ip ssh version 2
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key <PASSWORD> address <REMOTE PUBLIC IP>
!
crypto ipsec transform-set myset esp-3des esp-sha-hmac
!
crypto map HAWK 1 ipsec-isakmp
set peer <REMOTE PUBLIC IP>
set transform-set myset
match address 105
!
interface FastEthernet0/0
no ip address
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
hold-queue 100 out
!
interface FastEthernet0/1
ip address 192.168.100.252 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
h323-gateway voip bind srcaddr 192.168.100.252
!
interface Dialer1
ip address negotiated
ip access-group OUTSIDE in
no ip unreachables
no ip proxy-arp
ip mtu 1452
ip flow ingress
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username <USERNAME>password <PASSWORD>
crypto map HAWK
!
ip default-gateway <GATEWAY IP>
ip forward-protocol nd
ip http server
ip http secure-server
!
!
ip dns server
ip nat inside source list 110 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip access-list extended OUTSIDE
deny tcp any any eq 5060
deny udp any any eq 5060
permit ip any any
!
access-list 105 permit ip 192.168.100.0 0.0.0.255 10.172.192.0 0.0.0.255
access-list 110 deny ip 192.168.100.0 0.0.0.255 10.172.192.0 0.0.0.255
access-list 110 permit ip 192.168.100.0 0.0.0.255 any
access-list 110 permit ip any any
!
voice-port 0/0/0
input gain 14
output attenuation -6
cptone PK
timeouts call-disconnect 0
timeouts ringing 30
timeouts wait-release 1
connection plar opx 110
shutdown
caller-id enable
!
voice-port 0/0/1
input gain 14
output attenuation -6
cptone PK
timeouts call-disconnect 0
timeouts ringing 30
timeouts wait-release 1
connection plar opx 110
shutdown
caller-id enable
!
voice-port 0/0/2
input gain 14
output attenuation -6
cptone PK
timeouts call-disconnect 0
timeouts ringing 30
timeouts wait-release 1
connection plar opx 115
caller-id enable
!
voice-port 0/0/3
input gain 14
output attenuation -6
cptone PK
timeouts call-disconnect 0
timeouts ringing 30
timeouts wait-release 1
connection plar opx 110
caller-id enable
!
mgcp profile default
!
!
dial-peer voice 11 pots
destination-pattern .T
port 0/0/0
!
dial-peer voice 12 pots
destination-pattern .T
port 0/0/1
!
dial-peer voice 13 pots
destination-pattern .T
port 0/0/2
!
dial-peer voice 14 pots
destination-pattern .T
port 0/0/3
!
dial-peer voice 100 voip
destination-pattern 110
session protocol sipv2
session target ipv4:10.172.192.21
incoming called-number .
voice-class sip bind control source-interface FastEthernet0/1
voice-class sip bind media source-interface FastEthernet0/1
dtmf-relay sip-notify rtp-nte
codec g711ulaw
no vad
!
!
gateway
media-inactivity-criteria rtp
timer media-inactive 10
timer receive-rtp 1200
!

Labels:
0 Helpful
3 Replies 3

Deepak Rawat
Cisco Employee
Cisco Employee

ā€Ž08-04-2017 05:27 AM

Make sure there are no routing issues and all the required ports related to RTP are opened on the FW.

Regards

Deepak

0 Helpful

Mohamed Amine Jaafar
Level 4
Level 4

ā€Ž08-05-2017 07:17 AM

You may have one or both of these 2 problems : network (routing) and/or firewall (ports) issue(s)

While on call, type "show voip rtp connection" on the 2811.

You should see an IP address (the IP address of the IP phone should if not using an MTP), if IP phones are in a different VLAN than 10.172.192.0/24, also make sure to exempt them from NAT.

Make sure that 192.168.100.252 (since you're binding everything to Fa0/1) is able to ping the IP address of the IP phone. If not, means you have a routing problem. Solve that.

Then, try again, if the problem persists, double check your firewall rules/access-lists.

0 Helpful

Abhay Singh Reyal
Level 4
Level 4

ā€Ž08-22-2017 03:31 AM

Try to disable the SIP Inspection on FW. See if that helps
Regards
Abhay
Regards
Abhay Singh Reyal
The Only Way To Do Great Work Is To Love What You Do. If You Havenā€™t Found It Yet, Keep Looking. Donā€™t Settle
0 Helpful
Customers Also Viewed These Support Documents