This issue is caused due to

srihari4cisco · ‎10-15-2014

Hello ,

We have an issue with third party video conferencing device.

All the incoming video calls are working fine, but while making outbound video call it drops after 5 seconds on dot. This has not bee working since the device is setup.

The connectivity is something like below.

Video Conferencing unit -> Switch-> ASA firewall (9.1(2) ) -> internet -> End point.

Here are timout values i have in my firewall.

sh run timeout
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00

Any help in this regard is highly appreciated.

Please let me know if you need any more information.

Best Regards,

Sri

cisco.met.co.uk · ‎10-21-2014

I would check the following, it might give you an insight

sh asp drop

http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/command/reference/cmd_ref/s2.html#wp1391007

sh service-policy global

http://www.cisco.com/c/en/us/td/docs/security/asa/asa81/command/ref/refgd/s7.html

you might want to clear the stats fist on both.

checking the log file (forwarding across to a syslog server for a long term view) and/or creating a capture which you can review with wireshark .pcap file

good luck

srihari4cisco · ‎09-18-2015

This issue is caused due to ASA firewall was performing deep packet inspection and dropping specific traffic ( TCP 1720) from H323 and H225 stream. I have removed the inspection for that specific traffic flow and it started working fine.

video call drops at every 5 seconds on dot