Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
528
Views
0
Helpful
1
Replies

Using CUPC over Remote Access VPN (ASA)

paultribe
Level 1
Level 1

‎09-02-2010 07:26 AM - edited ‎02-21-2020 04:49 PM

I have an issue whereby when a user connects to their infrastructure via VPN and they connect to the CUPC server, they do not get any presence information. I read other posts which suggested that turning off SIP inspection would resolve the issue. This did work to an extent however, when I made the change and the user logged back in to CUPC all the presence user ids changed from username@company.com to 1111@company.com (1111 being the extension number rather than user id). Therefore the change whilst fixing one issue appears to have introduced another.

Also, am I right in thinking that disabling SIP inspection would ultimately cause problems if the customer did want to allow SIP voice or messaging through the ASA also.

Does anyone know how to fix the new issue or are there any design guides for this to get CUPC working whilst retaining SIP inspection ?

Thanks

Paul

Labels:
0 Helpful
1 Reply 1

Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎09-04-2010 03:28 AM

Paul,

Looks to me a strange behavior in SIP inspection. Normally on a VPN if no NAT is done you can safely disengage SIP inspection (unless you also need dynamic pinholes to be created for some reason).


I'd say get the ASA to latest CCO image in your train and if that still does not work - open a TAC case.

Marcin

0 Helpful
Customers Also Viewed These Support Documents