Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
749
Views
0
Helpful
0
Replies

IOS 12.3(9a): overreacts on PATed SIP packets? Bug?

jstuehler
Level 1
Level 1

‎08-08-2004 04:10 PM

Dear all,

I am wondering whether the Cisco 1721 is doing more to PATed SIP packets than it should.

The router connects to the internet via ADSL, public IP address assigned by ISP. There is an ATA (not a Cisco) behind it. The ATA registers with a VoIP/SIP proxy on the internet.

The problem is that there is no voice in either direction for incoming calls only. Outgoing calls are OK.

Here is a shortened Ethereal trace, showing the 200 OK packet with the ATA directly connected to the DSL line (it has the feature to do so):

----------------------------------------------------

Internet Protocol, Src Addr: 80.140.100.107 (80.140.100.107), Dst Addr: 217.10.79.9 (217.10.79.9)

User Datagram Protocol, Src Port: 5060 (5060), Dst Port: 5060 (5060)

Session Initiation Protocol

Status-Line: SIP/2.0 200 OK

Message Header

Via: SIP/2.0/UDP 217.10.79.9;branch=z9hG4bKcfa2.ef9f10d6.2

Via: SIP/2.0/UDP 217.10.79.8;branch=z9hG4bKcfa2.64e206f5.0

Via: SIP/2.0/UDP 217.10.79.8;branch=z9hG4bKcfa2.54e206f5.0

Via: SIP/2.0/UDP 217.10.66.11:5060;branch=z9hG4bK3e531974

Record-Route: <sip:[called SIP ID]@217.10.79.9;ftag=as4022e77c;lr=on>

Record-Route: <sip:[called SIP ID]@217.10.79.8;ftag=as4022e77c;lr=on>

Record-Route: <sip:[called number]@217.10.79.8;ftag=as4022e77c;lr=on>

From: "[calling number]" <sip:[calling number]@217.10.66.11>;tag=as4022e77c

SIP Display info: "[calling number]"

SIP from address: sip:[calling number]@217.10.66.11

SIP tag: as4022e77c

To: <sip:[called number]@sipgate.net>;tag=0354c577371e9531

Call-ID: 68ef4c4940eab2da44fb34581b6c74a6@217.10.66.11

CSeq: 102 INVITE

User-Agent: Grandstream HT486 1.0.5.9

Contact: <sip:[called SIP ID]@80.140.100.107>

----------------------------------------------------

Here is a trace with the ATA behind the router:

----------------------------------------------------

Internet Protocol, Src Addr: 80.140.100.195 (80.140.100.195), Dst Addr: 217.10.79.9 (217.10.79.9)

User Datagram Protocol, Src Port: 1026 (1026), Dst Port: 5060 (5060)

Session Initiation Protocol

Status-Line: SIP/2.0 200 OK

Message Header

Via: SIP/2.0/UDP 217.10.79.9;branch=z9hG4bK1dfe.3b8e3887.2

Via: SIP/2.0/UDP 80.140.100.195:1029;branch=z9hG4bK1dfe.35cc5a75.0

Via: SIP/2.0/UDP 80.140.100.195:1029;branch=z9hG4bK1dfe.25cc5a75.0

Via: SIP/2.0/UDP 80.140.100.195:1030;branch=z9hG4bK3e522478

Record-Route: <sip:[called SIP ID]@217.10.79.9;ftag=as1a77340a;lr=on>

Record-Route: <sip:[called SIP ID]@80.140.100.195:1029;ftag=as1a77340a;lr=on>

Record-Route: <sip:[called number]@80.140.100.195:1029;ftag=as1a77340a;lr=on>

From: "[calling number]" <sip:[calling number]@80.140.100.195:1030>;tag=as1a77340a

SIP Display info: "[calling number]"

SIP from address: sip:[calling number]@80.140.100.195:1030

SIP tag: as1a77340a

To: <sip:[called number]@sipgate.net>;tag=61b493d7337ee291

Call-ID: 24ce1f622c3ee529291a176b41cb9584@217.10.66.11

CSeq: 102 INVITE

User-Agent: Grandstream HT486 80.140.100.195:1028

Contact: <sip:[called SIP ID]@80.140.100.195:1027>

----------------------------------------------------

As you can see, everything that looks like an IP address is being rewritten to the external IP address assigned by the ISP -- except for the SIP proxy IP and call ID. Even the firmware version description (1.0.5.9 => 80.140.100.195)! The router allocates a whole list of ports for NAT, even for the version string:

Aug 9 01:58:39.913: NAT: Allocated Port for 1.0.5.9 -> 80.140.100.195: wanted 5060 got 1028

Is this a feature or is this a bug? Can anyone reproduce this? How can I avoid this?

Thanks alot,

Jan Stuehler

jan.stuehler@siemens.com

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents