01-15-2013 02:54 AM - edited 03-21-2019 06:50 AM
Hello,
I have an issue with multisite using 2 UC520s. I have set it up using CCA for both data and voice, which was straightforward. Data seems to be working perfectly, while voice seems to be working only one way: if I call from site 1 to site 2 it rings but then nothing, while if I call from site 2 to site 1, I can hear everything but they can't hear me. I used the attached document to try to diagnose things or even match configuration, with no luck, so can anyone help?
Regards
01-15-2013 11:12 AM
Hello,
Could you please post the following (removing all public IPs, passwords, preshared keys, etc.):
crypto map from both UCs
ACLs referenced in the crypto map
NAT and WAN ACLs
multisite dial-peers
voice service voip config
Thanks,
-john
01-15-2013 12:19 PM
Yes of course, hope I didn't miss anything:
Site 1:
Crypto Map IPv4 "multisite" 1 ipsec-isakmp
Description: Site2
Peer = xx.xx.xx.xx
Extended IP access list 106
access-list 106 permit ip 192.168.0.0 0.0.0.255 192.168.2.0 0.0.0.255
Current peer: xx.xx.xx.xx
Security association lifetime: 4608000 kilobytes/3600 seconds
Responder-Only (Y/N): N
PFS (Y/N): N
Transform sets={
ESP-3DES-SHA: { esp-3des esp-sha-hmac } ,
}
QOS pre-classification
Interfaces using crypto map multisite:
FastEthernet0/0
UC_520#show access-lists
Extended IP access list 100
10 deny ip 192.168.0.0 0.0.0.255 any
20 deny ip host 255.255.255.255 any
30 deny ip 127.0.0.0 0.255.255.255 any
40 permit ip any any
Extended IP access list 101
10 permit udp any host 10.1.10.2 eq non500-isakmp
20 permit udp any host 10.1.10.2 eq isakmp
30 permit esp any host 10.1.10.2
40 permit ahp any host 10.1.10.2
50 permit tcp 10.1.1.0 0.0.0.255 eq 2000 any (21023 matches)
60 permit udp 10.1.1.0 0.0.0.255 eq 2000 any
70 deny ip 192.168.0.0 0.0.0.255 any (7 matches)
80 deny ip 10.1.1.0 0.0.0.255 any (1336 matches)
90 deny ip host 255.255.255.255 any
100 deny ip 127.0.0.0 0.255.255.255 any
110 permit ip any any (14650 matches)
Extended IP access list 102
10 permit udp any host 192.168.0.101 eq non500-isakmp
20 permit udp any host 192.168.0.101 eq isakmp
30 permit esp any host 192.168.0.101
40 permit ahp any host 192.168.0.101
50 deny ip 10.1.10.0 0.0.0.3 any (7 matches)
60 deny ip 10.1.1.0 0.0.0.255 any
70 deny ip host 255.255.255.255 any
80 deny ip 127.0.0.0 0.255.255.255 any
90 permit ip any any (219560 matches)
Extended IP access list 103
10 permit udp any host 10.1.1.1 eq non500-isakmp
20 permit udp any host 10.1.1.1 eq isakmp
30 permit esp any host 10.1.1.1
40 permit ahp any host 10.1.1.1
50 permit tcp 10.1.10.0 0.0.0.3 any eq 2000 (35688 matches)
60 permit udp 10.1.10.0 0.0.0.3 any eq 2000
70 permit udp any 10.1.10.0 0.0.0.3 range 16384 32767
80 permit udp 10.1.10.0 0.0.0.3 range 16384 32767 any (1343 matches)
90 deny ip 192.168.0.0 0.0.0.255 any
100 deny ip host 255.255.255.255 any
110 deny ip 127.0.0.0 0.255.255.255 any
120 permit ip any any (4586927 matches)
Extended IP access list 104
10 permit ip 192.168.2.0 0.0.0.255 192.168.0.0 0.0.0.255
20 permit udp host xx.xx.xx.xx host 192.168.1.64 eq non500-isakmp (8338 matches)
30 permit udp host xx.xx.xx.xx host 192.168.1.64 eq isakmp (19 matches)
40 permit esp host xx.xx.xx.xx host 192.168.1.64
50 permit ahp host xx.xx.xx.xx host 192.168.1.64
60 permit udp any host 192.168.1.64 eq non500-isakmp (2390 matches)
70 permit udp any host 192.168.1.64 eq isakmp (2 matches)
80 permit esp any host 192.168.1.64
90 permit ahp any host 192.168.1.64
100 deny ip 10.1.10.0 0.0.0.3 any
110 deny ip 192.168.0.0 0.0.0.255 any
120 deny ip 10.1.1.0 0.0.0.255 any
130 permit udp any eq bootps any eq bootpc
140 permit icmp any any echo-reply
150 permit icmp any any time-exceeded
160 permit icmp any any unreachable
170 deny ip 10.0.0.0 0.255.255.255 any
180 deny ip 172.16.0.0 0.15.255.255 any
190 deny ip 192.168.0.0 0.0.255.255 any (968 matches)
200 deny ip 127.0.0.0 0.255.255.255 any
210 deny ip host 255.255.255.255 any
220 deny ip any any
Extended IP access list 105
10 permit ip 192.168.0.0 0.0.0.255 any
Extended IP access list 106
10 permit ip 192.168.0.0 0.0.0.255 192.168.2.0 0.0.0.255 (20616 matches)
UC_520#show running-config
Building configuration...
voice service voip
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
no supplementary-service h450.2
no supplementary-service h450.3
supplementary-service h450.12
sip
registrar server expires max 600 min 60
no update-callerid
!
voice class codec 1
codec preference 1 g711ulaw
codec preference 2 g729r8
!
voice class h323 1
call start slow
voice translation-rule 1000
rule 1 /.*/ //
!
voice translation-rule 1112
rule 1 /^9/ //
rule 2 /^7/ //
!
voice translation-rule 1113
rule 1 /^81\(...\)/ /\1/
!
voice translation-rule 1114
rule 1 /\(^...$\)/ /81\1/
!
voice translation-rule 2001
!
voice translation-rule 2002
rule 2 /^A/ //
!
voice translation-rule 2222
!
!
voice translation-profile CALLER_ID_TRANSLATION_PROFILE
translate calling 1111
!
voice translation-profile CallBlocking
translate called 2222
!
voice translation-profile OUTGOING_TRANSLATION_PROFILE
translate called 1112
!
voice translation-profile XFER_TO_VM_PROFILE
translate redirect-called 2002
!
voice translation-profile multisiteInbound
translate called 1113
!
voice translation-profile multisiteOutbound
translate calling 1114
!
voice translation-profile nondialable
translate called 1000
!
!
voice-card 0
dspfarm
dsp services dspfarm
no local-bypass
!
!
!
policy-map queue
class signaling
bandwidth percent 5
class media
priority percent 50
class class-default
fair-queue
policy-map shape
class class-default
shape average 1024000
service-policy queue
!
gw-accounting syslog
!
!
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
lifetime 1800
crypto isakmp key
!
!
!
crypto map multisite 1 ipsec-isakmp
description Site2
set peer xx.xx.xx.xx
set transform-set ESP-3DES-SHA
match address 106
qos pre-classify
!
!
!
!
!
interface Loopback0
description $FW_INSIDE$
ip address 10.1.10.2 255.255.255.252
ip access-group 101 in
ip virtual-reassembly in
!
interface FastEthernet0/0
description $FW_OUTSIDE$
bandwidth 1024
ip address 192.168.1.64 255.255.255.0
ip access-group 104 in
ip nat outside
ip inspect SDM_LOW out
ip virtual-reassembly in
load-interval 30
duplex auto
speed auto
crypto map multisite
service-policy output shape
!
interface Integrated-Service-Engine0/0
description cue is initialized with default IMAP group
ip unnumbered Loopback0
ip virtual-reassembly in
service-module ip address 10.1.10.1 255.255.255.252
service-module ip default-gateway 10.1.10.2
!
!
interface Virtual-Template1 type tunnel
ip unnumbered Vlan1
tunnel mode ipsec ipv4
tunnel protection ipsec profile SDM_Profile1
!
interface Vlan1
description $FW_INSIDE$
ip address 192.168.0.101 255.255.255.0
ip access-group 102 in
ip virtual-reassembly in
h323-gateway voip bind srcaddr 192.168.0.101
!
interface Vlan100
description $FW_INSIDE$
ip address 10.1.1.1 255.255.255.0
ip access-group 103 in
ip virtual-reassembly in
ntp broadcast
!
ip local pool SDM_POOL_1 192.168.0.200 192.168.0.205
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http path flash:/gui
!
ip dns server
ip route 0.0.0.0 0.0.0.0 192.168.1.2
ip route 10.1.10.1 255.255.255.255 Integrated-Service-Engine0/0
!
!
dial-peer voice 2100 voip
corlist incoming call-internal
description **CCA*INTERSITE inbound call to Site1
translation-profile incoming multisiteInbound
incoming called-number 81...
voice-class h323 1
dtmf-relay h245-alphanumeric
codec g711ulaw
fax protocol cisco
no vad
!
dial-peer voice 2101 voip
corlist incoming call-internal
description **CCA*INTERSITE outbound calls to Site2
translation-profile outgoing multisiteOutbound
destination-pattern 82...
session target ipv4:192.168.2.200
voice-class h323 1
dtmf-relay h245-alphanumeric
codec g711ulaw
fax protocol cisco
no vad
!
!
Site 2:
UC_520#show crypto map
Crypto Map IPv4 "multisite" 1 ipsec-isakmp
Description: Site1
Peer = xx.xx.xx.xx
Extended IP access list 105
access-list 105 permit ip 192.168.2.0 0.0.0.255 192.168.0.0 0.0.0.255
Current peer: xx.xx.xx.xx
Security association lifetime: 4608000 kilobytes/3600 seconds
Responder-Only (Y/N): N
PFS (Y/N): N
Transform sets={
ESP-3DES-SHA: { esp-3des esp-sha-hmac } ,
}
QOS pre-classification
Interfaces using crypto map multisite:
FastEthernet0/0
UC_520#show access-lists
Extended IP access list 100
10 deny ip 192.168.2.0 0.0.0.255 any
20 deny ip host 255.255.255.255 any
30 deny ip 127.0.0.0 0.255.255.255 any
40 permit ip any any
Extended IP access list 101
10 permit udp any host 10.1.10.2 eq non500-isakmp
20 permit udp any host 10.1.10.2 eq isakmp
30 permit esp any host 10.1.10.2
40 permit ahp any host 10.1.10.2
50 permit udp host 103.12.12.14 eq ntp host 10.1.10.2 eq ntp
60 permit tcp 10.1.1.0 0.0.0.255 eq 2000 any (11142 matches)
70 permit udp 10.1.1.0 0.0.0.255 eq 2000 any
80 deny ip 192.168.2.0 0.0.0.255 any
90 deny ip 192.168.3.0 0.0.0.255 any
100 deny ip 10.1.1.0 0.0.0.255 any (147 matches)
110 deny ip host 255.255.255.255 any
120 deny ip 127.0.0.0 0.255.255.255 any
130 permit ip any any (5264 matches)
Extended IP access list 102
10 permit udp any host 192.168.2.200 eq non500-isakmp
20 permit udp any host 192.168.2.200 eq isakmp
30 permit esp any host 192.168.2.200
40 permit ahp any host 192.168.2.200
50 permit udp host 103.12.12.14 eq ntp host 192.168.2.200 eq ntp
60 deny ip 10.1.10.0 0.0.0.3 any
70 deny ip 192.168.3.0 0.0.0.255 any
80 deny ip 10.1.1.0 0.0.0.255 any
90 deny ip host 255.255.255.255 any
100 deny ip 127.0.0.0 0.255.255.255 any
110 permit ip any any (21223 matches)
Extended IP access list 103
10 permit udp any host 10.1.1.1 eq non500-isakmp
20 permit udp any host 10.1.1.1 eq isakmp
30 permit esp any host 10.1.1.1
40 permit ahp any host 10.1.1.1
50 permit udp host 103.12.12.14 eq ntp host 10.1.1.1 eq ntp
60 permit tcp 10.1.10.0 0.0.0.3 any eq 2000 (21170 matches)
70 permit udp 10.1.10.0 0.0.0.3 any eq 2000
80 deny ip 10.1.10.0 0.0.0.3 any (149 matches)
90 deny ip 192.168.2.0 0.0.0.255 any
100 deny ip 192.168.3.0 0.0.0.255 any
110 deny ip host 255.255.255.255 any
120 deny ip 127.0.0.0 0.255.255.255 any
130 permit ip any any (132193 matches)
Extended IP access list 104
10 permit ip 192.168.0.0 0.0.0.255 192.168.2.0 0.0.0.255
20 permit udp host xx.xx.xx.xx host 192.168.3.200 eq non500-isakmp (12304 matches)
30 permit udp host xx.xx.xx.xx host 192.168.3.200 eq isakmp (15 matches)
40 permit esp host xx.xx.xx.xx host 192.168.3.200
50 permit ahp host xx.xx.xx.xx host 192.168.3.200
60 permit udp any host 192.168.3.200 eq non500-isakmp (4 matches)
70 permit udp any host 192.168.3.200 eq isakmp (1 match)
80 permit esp any host 192.168.3.200
90 permit ahp any host 192.168.3.200
100 permit udp host 103.12.12.14 eq ntp host 192.168.3.200 eq ntp
110 deny ip 10.1.10.0 0.0.0.3 any
120 deny ip 192.168.2.0 0.0.0.255 any (19 matches)
130 deny ip 10.1.1.0 0.0.0.255 any
140 permit udp host 192.168.3.1 eq domain any
150 permit icmp any host 192.168.3.200 echo-reply
160 permit icmp any host 192.168.3.200 time-exceeded
170 permit icmp any host 192.168.3.200 unreachable (20 matches)
180 deny ip 10.0.0.0 0.255.255.255 any
190 deny ip 172.16.0.0 0.15.255.255 any
200 deny ip 127.0.0.0 0.255.255.255 any
210 deny ip host 255.255.255.255 any
220 deny ip host 0.0.0.0 any
230 deny ip any any log (492 matches)
Extended IP access list 105
10 permit ip 192.168.2.0 0.0.0.255 192.168.0.0 0.0.0.255 (23430 matches)
Extended IP access list 106
10 permit ip 192.168.2.0 0.0.0.255 any
UC_520#show running-config
Building configuration...
voice service voip
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
no supplementary-service h450.2
no supplementary-service h450.3
supplementary-service h450.12
sip
registrar server expires max 600 min 60
no update-callerid
!
voice class codec 1
codec preference 1 g711ulaw
codec preference 2 g729r8
!
voice class h323 1
call start slow
!
!
!
voice translation-rule 1000
rule 1 /.*/ //
!
voice translation-rule 1112
rule 1 /^9/ //
!
voice translation-rule 1113
rule 1 /^82\(...\)/ /\1/
!
voice translation-rule 1114
rule 1 /\(^...$\)/ /82\1/
!
voice translation-rule 2002
rule 1 /^6/ //
!
voice translation-rule 2222
!
!
voice translation-profile CALLER_ID_TRANSLATION_PROFILE
translate calling 1111
!
voice translation-profile CallBlocking
translate called 2222
!
voice translation-profile OUTGOING_TRANSLATION_PROFILE
translate called 1112
!
voice translation-profile XFER_TO_VM_PROFILE
translate redirect-called 2002
!
voice translation-profile multisiteInbound
translate called 1113
!
voice translation-profile multisiteOutbound
translate calling 1114
!
voice translation-profile nondialable
translate called 1000
!
!
!
policy-map queue
class signaling
bandwidth percent 5
class media
priority percent 50
class class-default
fair-queue
policy-map shape
class class-default
shape average 1024000
service-policy queue
!
!
!
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
lifetime 1800
crypto isakmp key
!
!
crypto map multisite 1 ipsec-isakmp
description Site1
set peer xx.xx.xx.xx
set transform-set ESP-3DES-SHA
match address 105
qos pre-classify
!
!
!
!
!
interface Loopback0
description $FW_INSIDE$
ip address 10.1.10.2 255.255.255.252
ip access-group 101 in
!
interface FastEthernet0/0
description $FW_OUTSIDE$
bandwidth 1024
ip address 192.168.3.200 255.255.255.0
ip access-group 104 in
ip nat outside
ip inspect SDM_LOW out
ip virtual-reassembly in
ip verify unicast reverse-path
load-interval 30
duplex auto
speed auto
crypto map multisite
service-policy output shape
!
interface Integrated-Service-Engine0/0
description cue is initialized with default IMAP group
ip unnumbered Loopback0
ip virtual-reassembly in
service-module ip address 10.1.10.1 255.255.255.252
service-module ip default-gateway 10.1.10.2
!
!
interface Vlan1
description $FW_INSIDE$
ip address 192.168.2.200 255.255.255.0
ip access-group 102 in
ip virtual-reassembly in
h323-gateway voip bind srcaddr 192.168.2.200
!
interface Vlan100
description $FW_INSIDE$
ip address 10.1.1.1 255.255.255.0
ip access-group 103 in
ip virtual-reassembly in
!
ip local pool SDM_POOL_1 192.168.2.201 192.168.2.205
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http path flash:/gui
!
ip dns server
ip route 0.0.0.0 0.0.0.0 192.168.3.1
ip route 10.1.10.1 255.255.255.255 Integrated-Service-Engine0/0
!
!
!
dial-peer voice 2100 voip
corlist incoming call-internal
description **CCA*INTERSITE inbound call to Site2
translation-profile incoming multisiteInbound
incoming called-number 82...
voice-class h323 1
dtmf-relay h245-alphanumeric
codec g711ulaw
fax protocol cisco
no vad
!
dial-peer voice 2101 voip
corlist incoming call-internal
description **CCA*INTERSITE outbound calls to Site1
translation-profile outgoing multisiteOutbound
destination-pattern 81...
session target ipv4:192.168.0.101
voice-class h323 1
dtmf-relay h245-alphanumeric
codec g711ulaw
fax protocol cisco
no vad
!
!
UC_520#show crypto session
Crypto session current status
Interface: FastEthernet0/0
Session status: UP-ACTIVE
Peer: xx.xx.xx.xx port 4500
IKEv1 SA: local 192.168.3.200/4500 remote xx.xx.xx.xx/4500 Active
IPSEC FLOW: permit ip 192.168.2.0/255.255.255.0 192.168.0.0/255.255.255.0
Active SAs: 2, origin: crypto map
UC_520#exit
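An added example (not part of the original thread and not Cisco tooling): a consistency check over lines copied from the two configs posted above, confirming that the crypto ACLs mirror each other and that each site's H.323 bind address and dial-peer session target fall inside the networks the tunnel protects. The function names are made up for this illustration.

```python
import ipaddress
import re

# Lines copied from the configs posted above (crypto ACL, H.323 bind, dial-peer target).
SITE1 = """\
access-list 106 permit ip 192.168.0.0 0.0.0.255 192.168.2.0 0.0.0.255
h323-gateway voip bind srcaddr 192.168.0.101
session target ipv4:192.168.2.200
"""
SITE2 = """\
access-list 105 permit ip 192.168.2.0 0.0.0.255 192.168.0.0 0.0.0.255
h323-gateway voip bind srcaddr 192.168.2.200
session target ipv4:192.168.0.101
"""

ACL_RE = re.compile(r"access-list \d+ permit ip (\S+) (\S+) (\S+) (\S+)")
BIND_RE = re.compile(r"h323-gateway voip bind srcaddr (\S+)")
TARGET_RE = re.compile(r"session target ipv4:(\S+)")


def wildcard_net(addr, wildcard):
    """Convert an IOS address/wildcard pair to an ip_network (contiguous wildcards only)."""
    inverted = int(ipaddress.IPv4Address(wildcard)) ^ 0xFFFFFFFF
    mask = ipaddress.IPv4Address(inverted)
    return ipaddress.ip_network(f"{addr}/{mask}")  # raises ValueError on a bad mask


def parse_site(text):
    """Extract the protected (local, remote) networks and the voice endpoints."""
    acl, bind, target = ACL_RE.search(text), BIND_RE.search(text), TARGET_RE.search(text)
    if not (acl and bind and target):
        raise ValueError("missing crypto ACL, H.323 bind or session target line")
    return {
        "local": wildcard_net(acl.group(1), acl.group(2)),
        "remote": wildcard_net(acl.group(3), acl.group(4)),
        "bind": ipaddress.ip_address(bind.group(1)),
        "target": ipaddress.ip_address(target.group(1)),
    }


def check_pair(a_text, b_text):
    """Return a list of findings; an empty list means the two sites are consistent."""
    a, b = parse_site(a_text), parse_site(b_text)
    findings = []
    if (a["local"], a["remote"]) != (b["remote"], b["local"]):
        findings.append("crypto ACLs are not mirror images")
    for name, me, peer in (("site A", a, b), ("site B", b, a)):
        if me["bind"] not in me["local"]:
            findings.append(f"{name}: H.323 bind address is outside the protected local net")
        if me["target"] not in me["remote"]:
            findings.append(f"{name}: dial-peer target is outside the protected remote net")
        if me["target"] != peer["bind"]:
            findings.append(f"{name}: dial-peer target is not the peer's H.323 bind address")
    return findings


if __name__ == "__main__":
    for line in check_pair(SITE1, SITE2) or ["no inconsistencies found"]:
        print(line)
```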
01-15-2013 12:56 PM
Hello,
What is the network topology? It appears the UCs are behind another firewall, correct?
Thanks,
-john
01-15-2013 01:03 PM
Hello again, yup, the routers (UCs) are behind a Linksys WAG120N ADSL modem.
01-15-2013 01:09 PM
Hello,
So the UCs are local to each other? Is there any firewall or access-list on the wag120n? Can you connect the UCs directly to each other with a crossover cable or hub?
Thanks,
-john
01-15-2013 01:14 PM
Nope, they are connected through the internet with real IPs. The WAG120N is a normal ADSL modem, nothing special, just port forwarded 4500 TCP/UDP and 500 TCP/UDP; VPN passthrough is enabled by default. I even tried EZVPN and it's working normally. What are the possible causes?
01-15-2013 01:31 PM
Hello,
I'm not sure this is going to work behind that type of modem/router. You need to have ESP, IP Protocol 50, opened as well. Can you bridge the modem so that the UCs can get the public IPs and bypass the firewall on the wag120n?
Thanks,
-john
01-15-2013 01:48 PM
Well, I have already tried it and it didn't work. You mean there is nothing wrong with the config?
thanks :)
01-15-2013 02:06 PM
For the most part.
I do see an issue with this on the dial-peers: corlist incoming call-internal
Can you remove the corlist from all the multisite dial-peers and test again?
Thanks,
-john
01-15-2013 10:50 PM
Hello,
I just tried it; all multisite dial-peers have no corlist now and still the same issue.
thanks
01-16-2013 09:52 AM
Hello,
Can you post your NAT configuration?
Thanks,
-john
01-17-2013 05:00 AM
Sorry for the late response, but I did try a few things and thought I'd get back when I'm done. Here are the NAT and interface rules:
site 2:
interface Loopback0
description $FW_INSIDE$
ip address 10.1.10.2 255.255.255.252
ip access-group 101 in
ip nat inside
ip virtual-reassembly in
!
interface FastEthernet0/0
description $FW_OUTSIDE$
bandwidth 512
ip address 192.168.3.200 255.255.255.0
ip nat outside
ip virtual-reassembly in
load-interval 30
duplex auto
speed auto
crypto map multisite
service-policy output shape
!
interface Integrated-Service-Engine0/0
description cue is initialized with default IMAP group
ip unnumbered Loopback0
ip nat inside
ip virtual-reassembly in
service-module ip address 10.1.10.1 255.255.255.252
service-module ip default-gateway 10.1.10.2
!
interface Vlan1
description $FW_INSIDE$
ip address 192.168.2.200 255.255.255.0
ip nat inside
ip virtual-reassembly in
h323-gateway voip bind srcaddr 192.168.2.200
!
interface Vlan100
description $FW_INSIDE$
ip address 10.1.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
ip local pool SDM_POOL_1 192.168.2.205 192.168.2.210
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http path flash:/gui
!
ip dns server
ip nat inside source route-map SDM_RMAP_1 interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 192.168.3.1
ip route 10.1.10.1 255.255.255.255 Integrated-Service-Engine0/0
site 1:
interface Loopback0
description $FW_INSIDE$
ip address 10.1.10.2 255.255.255.252
ip access-group 101 in
ip nat inside
ip virtual-reassembly in
!
interface FastEthernet0/0
description $FW_OUTSIDE$
bandwidth 1024
ip address 192.168.1.64 255.255.255.0
ip nat outside
ip virtual-reassembly in
load-interval 30
duplex auto
speed auto
crypto map multisite
service-policy output shape
!
interface Integrated-Service-Engine0/0
description cue is initialized with default IMAP group
ip unnumbered Loopback0
ip nat inside
ip virtual-reassembly in
service-module ip address 10.1.10.1 255.255.255.252
service-module ip default-gateway 10.1.10.2
!
interface Vlan1
description $FW_INSIDE$
ip address 192.168.0.101 255.255.255.0
ip nat inside
ip virtual-reassembly in
h323-gateway voip bind srcaddr 192.168.0.101
!
interface Vlan100
description $FW_INSIDE$
ip address 10.1.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ntp broadcast
!
ip local pool SDM_POOL_1 192.168.0.201 192.168.0.205
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http path flash:/gui
!
ip dns server
ip nat inside source route-map SDM_RMAP_1 interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 192.168.1.2
ip route 10.1.10.1 255.255.255.255 Integrated-Service-Engine0/0
!
01-16-2013 05:19 PM
Hi Muhieddine,
Just further to John's request, can you please confirm if the Linksys supports H.323 passthrough? If not, you may need to also do some port forwarding or port triggering for the H.323, as the Linksys could be blocking them, even in bridged mode (that is just from past experience).
Other than that I don't see a problem with the configuration, not that I have spotted yet, but I am looking at it a little further though.
Cheers,
David Trad.
davidtradconsultinggmail.com
01-17-2013 05:02 AM
Hello David, I tried your solution and still have the same problem :s
thanks