Wrong sip headers via tunnelspecified VPN

kaliga · ‎04-04-2019

Can not register on sip server, but all other services works good.
Cisco ASA 5520.
L2-VPN. Without NAT-translation.
OS: Linux and Windows
split-tunnel-policy: tunnelspecified

In case of using ASA "tunnelspecified" routing policy (with default gateway "eth1") all services works correct, but can not register on sip server because sip-packet contains wrong IP in sip-headers "Via:" and "Contact:". More definitely say, IP takken from eth1(with is default-gw device) and not from tun0 device.
In case of default gw device on local machine is tun0 , sip registration is Ok.

local machine:
eth1 ip: 192.168.15.8 (local machine ip)
tun0 ip: 192.168.105.68 (local machine ip takken from Cisco)
sip.example.com ip: 192.168.37.29

Case of wrong ip in headers (with default gw via eth1):
# route -n
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.15.1 0.0.0.0 UG 0 0 0 eth1
192.168.15.0 0.0.0.0 255.255.255.0 UG 0 0 0 eth1
192.168.105.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0
192.168.37.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0

# ip route get 192.168.37.29
192.168.37.29 dev tun0 src 192.168.105.68

---------tcp-dump on local machine in failure case----------------
19:47:05.206505 IP (tos 0x0, ttl 64, id 10814, offset 0, flags [DF], proto UDP (17), length 813)
192.168.105.68.5060 > 192.168.37.29.5060: [udp sum ok] SIP, length: 785
REGISTER sip:sip.example.com SIP/2.0
Via: SIP/2.0/UDP 192.168.15.8:5060;rport;branch=z9hG4bKPj8f332cbc-0074-4794-b2c0-8c5748577368
Route: <sip:sip.example.com:5060;lr>
Max-Forwards: 70
From: <sip:kaliga@sip.example.com>;tag=c976134a-9297-44ab-b6ca-a5798ee26704
To: <sip:kaliga@sip.example.com>
Call-ID: 2c50c789-fb0c-40c6-8004-8bc439a3f079
CSeq: 39963 REGISTER
User-Agent: SFLphone/1.4.1
Contact: <sip:kaliga@192.168.15.8:5060>
Expires: 60
Allow: PRACK, SUBSCRIBE, NOTIFY, REFER, INVITE, ACK, BYE, CANCEL, UPDATE, INFO, OPTIONS, MESSAGE, PUBLISH
Authorization: Digest username="kaliga", realm="example.local", nonce="57B3BBD788CAEAC0A292724F60111466", uri="sip:sip.example.com", response="ca2b4cda7828aabaa137d9981ea7b4f7", algorithm=MD5

-------------------------------------

Case of correct ip in headers (with default gw via tun0):
# route -n
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 tun0
192.168.105.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0
0.0.0.0 192.168.167.1 0.0.0.0 UG 1024 0 0 eth1
192.168.103.10 192.168.167.1 255.255.255.255 UGH 0 0 0 eth1
192.168.15.0 0.0.0.0 255.255.255.128 U 0 0 0 eth1

---------tcp-dump on local machine in success case----------------

20:08:15.750047 IP (tos 0x0, ttl 64, id 40613, offset 0, flags [DF], proto UDP (17), length 806)
192.168.105.68.5060 > 192.168.37.29.5060: [udp sum ok] SIP, length: 778
REGISTER sip:sip.example.com SIP/2.0
Via: SIP/2.0/UDP 192.168.105.68:5060;rport;branch=z9hG4bKPjfb6f37cb-42c4-4ff4-8647-18ce22ac2623
Route: <sip:extsip.naumen.ru:5060;lr>
Max-Forwards: 70
From: <sip:kaliga@sip.example.com>;tag=92f6c8b0-88a5-489e-b6cb-e551b0ce6fe9
To: <sip:kaliga@sip.example.com>
Call-ID: 4b90ad5e-40be-4e0c-a3aa-1f6297c82218
CSeq: 1741 REGISTER
User-Agent: SFLphone/1.4.1
Contact: <sip:kaliga@192.168.105.68:5060>
Expires: 60
Allow: PRACK, SUBSCRIBE, NOTIFY, REFER, INVITE, ACK, BYE, CANCEL, UPDATE, INFO, OPTIONS, MESSAGE, PUBLISH
Authorization: Digest username="kaliga", realm="example.local", nonce="9D4F40523B53253EA96C2198A210A025", uri="sip:sip.example.com", response="cd47b6bb22cb3cbed602102aeea9eb48", algorithm=MD5
-------------------------------------

kaliga · ‎04-09-2019

Is it possible to rewrite sip headers on Cisco ASA? Turning off and on default sip and skinny inspection had no effect.