Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
496
Views
0
Helpful
2
Replies

Clarification on SIP Forwarding in Greyfield Deployments

Andy Williams
Level 1
Level 1

‎03-19-2013 10:46 AM - edited ‎03-21-2019 07:07 AM

I have a number of customers using the RV180w Small Business Firewall/Router in their business, and am having problems deploying the UC320w into these networks in a greyfield scenario with the latest RV180w firmware update (1.0.2.6). I am following the published Cisco document for configuring the up-front firewall, but cannot get the RV180w to forward the required packets to the UC320w. Prior to this firmware update, everything worked OK with the RV180w configured with DMZ to the 192.168.2.254 address per the Cisco greyfield docs. All customers are using NexVortex SIP trunking. With the RV180w, inbound calls either do not ring the phones or ring but exhibit one-way communication when answered. Of course, everything works fine if I connect the UC320w as the only router in the network, and things work OK if I downgrade the firmware on the RV180w.

Has anyone else had success using the RV180w with latest firmware in a UC320w greyfield deployment?

There are likely problems with the RV180w DMZ in this latest update, similar to ongoing documented problems with the RV120w. If I can't get DMZ to work properly with these routers, what ports should be forwarded to the UC320w? I have tried forwarding TCP and UDP 5060 to the UC320, but still cannot receive inbound calls.

Here is my router configuration on the RV180w devices:

VLAN 4 created, untagged on LAN port 4

VLAN 4 configured with IP 192.168.2.253 (255.255.255.252)

DHCP off on VLAN 4

VLAN 1 untagged on LAN ports 1, 2, 3

VLAN 1 configured with IP 192.168.10.5 (255.255.255.0)

DHCP off on VLAN 4 (DHCP provided on customer network by Small Business Server)

WAN configured with public static IP address from DSL modem

Port forwarding configured for the Small Business Server (Ports 80, 443, 25, etc. forwarded to server static LAN IP)

DMZ Mode configured to forward all remaining incoming traffic to the UC320 at 192.168.2.254

Enable SIP ALG Option in Firewall checked

UC320w configuration:

UC320w Topology: Routes Voice Only

UC320w VLAN 1 configured at 192.168.10.6 (255.255.255.0)

UC320w VLAN 100 at defaults

UC320w WAN configured at 192.168.2.254 (255.255.255.252) GW 192.168.2.253

Labels:
0 Helpful
2 Replies 2

Nagaraja Thanthry
Cisco Employee
Cisco Employee

‎03-19-2013 11:44 AM

Hello Andy,

What kind of Internet Connection you have? If you have not done already, can you open a case with SBSC for the RV180? Also, when you say that downgrading the firmware resolves the issue, is there any specific reason you need to use the newer firmware?

Nagaraja

0 Helpful

Andy Williams
Level 1
Level 1
In response to Nagaraja Thanthry

‎03-19-2013 02:24 PM

Hello Nagaraja,

All of these customers use some form of DSL or ATT Uverse. In all cases, the modem is placed into the normal bridged mode or DMZ mode so that there is no firewall at all - the RV180w gets the ISP static IP address on it's WAN port, and provides firewall for the entire network, including the UC320.

I really don't have time to help Cisco beta test these RV routers. This has been a constant problem that is often documented with "use port forwarding instead of DMZ", which requires me to dig into exactly what ports need to be open to the UC320 - thus the reason for this question.

There are several other bugs with RV180w IPSEC VPN and user interface issues that this firmware update appears to address, so I really need these two fully updated Cisco Small Business products to work with each other.

Andy

0 Helpful
Customers Also Viewed These Support Documents