Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1839
Views
0
Helpful
6
Replies

UC520 - Can't call IN on SIP connection, out is fine.

Go to solution
Steven Heinsius
Cisco Employee
Cisco Employee

‎07-20-2011 05:05 AM - edited ‎03-21-2019 04:22 AM

Good afternoon,

I've tried everything, but just can't find the solution to my configuration error.

Somehow we can Call out, but we Can NOT call in.

In- and Outgoing connections work on an ISDN connection. But we want to get it working with a SIP provider.

We've checked the SIP account, it is valid and working so the mistake is in our configuration.

We did a Debug, and we think here's the mistake, but I'm not sure of what Command String I should put in.

Please advise!

---------\

Dial-Peer 1000

There's something wrong with Dial-Peer 1000, as it doesn't pick it up, but sends it back to the PSTN.


UC520#show dial-peer voice summary

dial-peer hunt 0

             AD                                    PRE PASS                OUT

TAG    TYPE  MIN  OPER PREFIX                  DEST-PATTERN                  FER THRU SESS-TARGET    STAT PORT    KEEPALIVE

54     pots  up   up                                            0[2-8]......                            4                      up   trunkgroup ALL_BRI

1054   voip  up   up                                         0[2-8]......                           1  syst sip-server

-------------\

!

dial-peer voice 1000 voip

permission term

description ** Incoming call from SIP trunk (Budgetphone) **

session protocol sipv2

session target sip-server

incoming called-number .%

voice-class codec 1 

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs3 signaling

no vad

!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Darren DeCroock
Level 4
Level 4
In response to Mike Wyzykowski

‎07-21-2011 05:53 AM

Steven,

That is not the ACL that we need to check.  104 is the normal ACL for the WAN interface, but if this is an ACL issue, it would likely be blocked by the ACL for the "SIP source-group".  Here is what you are looking for in the config:

voice source-group CCA_SIP_SOURCE_GROUP_EXTERNAL

  access-list 3

As a test to see if this is causing your problem, I would just test this by removing the access-list:

config T

voice source-group CCA_SIP_SOURCE_GROUP_EXTERNAL
no access-list 3

Then test an inbound call.  If that works, you will not want to leave the access list out, we just need to add to the "permited" list of IP addresses.  This can be done though CCA under the SIP configuration.

Thank you,

Darren

View solution in original post

0 Helpful
6 Replies 6

Go to solution
David Trad
VIP Alumni
VIP Alumni

‎07-20-2011 04:16 PM

Hi Steven,

As silly as this sounds, have you checked to see if the IP address of the SIP-Server (Your ITSP) is in te3h ACL's ?

If you are using CLI you will need to input this in manually, if you are using CCA then add their IP address in as a trusted address...

If out-bound are working, then the chances of the problem being at your end are quite high, so just have a quick look at the ACL's in place.

Cheers,

David.

Cheers, David Trad. **When you rate a persons post, you are indicating a thank you or that it helped, but at the same time you are also helping to maintain the community spirit - You don't have to rate posts and you wont be looked down upon :) *
0 Helpful

Go to solution
Steven Heinsius
Cisco Employee
Cisco Employee
In response to David Trad

‎07-21-2011 01:07 AM

Thanks for your reply David.

It is a good suggestion, not stupid at all. But unfortunately the ACL's look OK.

Dit staat in de config.

access-list 104 remark auto generated by SDM firewall configuration##NO_ACES_21##

access-list 104 remark SDM_ACL Category=1

access-list 104 permit udp host 83.143.188.165 eq 5060 any

access-list 104 permit udp host 83.143.188.165 any eq 5060

access-list 104 permit udp host 192.168.10.1 eq 5060 any

0 Helpful

Go to solution
Mike Wyzykowski
Level 1
Level 1

‎07-21-2011 05:26 AM

Try removing permission term from dial-peer voice 1000 voip.  You will want to put it back eventually.  If inbound works with permission term removed on the dial peer it I may have some suggestions based on your config.

0 Helpful

Go to solution
Darren DeCroock
Level 4
Level 4
In response to Mike Wyzykowski

‎07-21-2011 05:53 AM

Steven,

That is not the ACL that we need to check.  104 is the normal ACL for the WAN interface, but if this is an ACL issue, it would likely be blocked by the ACL for the "SIP source-group".  Here is what you are looking for in the config:

voice source-group CCA_SIP_SOURCE_GROUP_EXTERNAL

  access-list 3

As a test to see if this is causing your problem, I would just test this by removing the access-list:

config T

voice source-group CCA_SIP_SOURCE_GROUP_EXTERNAL
no access-list 3

Then test an inbound call.  If that works, you will not want to leave the access list out, we just need to add to the "permited" list of IP addresses.  This can be done though CCA under the SIP configuration.

Thank you,

Darren

0 Helpful

Go to solution
Steven Heinsius
Cisco Employee
Cisco Employee
In response to Darren DeCroock

‎07-21-2011 07:42 AM

Thanks Darren!

You solved it!

It works!

Support Forum rocks!

Thanks everyone for thinking with me.

0 Helpful

Go to solution
Darren DeCroock
Level 4
Level 4
In response to Steven Heinsius

‎07-21-2011 08:25 AM

Steven,

I am glad it is now working..  Just wanted to note, that you should not just leave that access-list out of the configuration.  This is in place to prevent toll-fraud.  Now that you know what the issue is, you just need to get the ACL configured correctly..

Thank you,

Darren

0 Helpful
Customers Also Viewed These Support Documents