CONFIGURE CISCO PIX PDM FOR VOIP

Discussion in 'Cisco' started by Richard Loy, Aug 21, 2004.

  1. Richard Loy

    Richard Loy Guest

    Hi,

    My company has a CISCO PIX 515E. I wish to configure it to allow VoIP
    traffic. The only way I know how is through using the PDM interface
    'cause I am not trained in using the command line So how can I
    configure it to allow an external VoIP gateway server to access the IP
    phones in my network and vice versa? The port needed to be opened is
    UDP 6060. I do not mind receiving instructions in command line so
    long as you let me know how to save it permanently.

    Thanks.

    Richard
     
    Richard Loy, Aug 21, 2004
    #1
    1. Advertising

  2. In article <>,
    Richard Loy <> wrote:
    :My company has a CISCO PIX 515E. I wish to configure it to allow VoIP
    :traffic. The only way I know how is through using the PDM interface
    :'cause I am not trained in using the command line So how can I
    :configure it to allow an external VoIP gateway server to access the IP
    :phones in my network and vice versa? The port needed to be opened is
    :UDP 6060.


    You should rethink this matter. VoIP packets need end-to-end QoS
    (Quality of Service) to be served properly, in order and with priority
    over (say) web page browsing. The PIX does not, however, support
    QoS at all in any released version [but might in the version that
    is currently in beta.]


    :I do not mind receiving instructions in command line so
    :long as you let me know how to save it permanently.

    Log on to the pix. The default username is 'pix' (you need to know
    that if you are using ssh). Put in your first level password. Give
    the command 'enable'. Put in your enable password. Give the command
    'config term'. Type in all the commands you need to add the accesses
    you want. When you have entered all the commands, enter the command
    'write mem' to save the configuration to the boot-time memory. Then
    type in as many 'exit' commands as you need to log off.
    --
    I don't know if there's destiny,
    but there's a decision! -- Wim Wenders (WoD)
     
    Walter Roberson, Aug 21, 2004
    #2
    1. Advertising

  3. Richard Loy

    Rik Bain Guest

    On Sat, 21 Aug 2004 10:00:10 -0500, Richard Loy wrote:

    > Hi,
    >
    > My company has a CISCO PIX 515E. I wish to configure it to allow VoIP
    > traffic. The only way I know how is through using the PDM interface
    > 'cause I am not trained in using the command line So how can I
    > configure it to allow an external VoIP gateway server to access the IP
    > phones in my network and vice versa? The port needed to be opened is
    > UDP 6060. I do not mind receiving instructions in command line so long
    > as you let me know how to save it permanently.
    >
    > Thanks.
    >
    > Richard


    What protocol are you using? UDP/6060 really doesn't ring a bell with
    me. Perhaps SIP? Either way, the pix has several "fixups". Some of
    which cover voice protocols (SCCP/H323/SIP). But, there is no magic
    bullet....many bugs abound, and some vendors require you to disable nat
    and turn fixups off.

    Post more specifics.....

    Rik
     
    Rik Bain, Aug 22, 2004
    #3
  4. Richard Loy

    Richard Loy Guest

    Hi Rik,

    My mistake. It should be UDP 5060, SIP. I could get a dial tone when
    the IP Phone is plug in to my LAN. When I tried to dial a telephone
    number, it just showed 'Calling XXXX' on its LCD panel, with no
    indication of remote phone ringing. The remote phone is actually my
    normal desk phone which, of course, did not ring. The IP phone vendor
    instructed that my PIX should release the UDP port 5060 for both
    incoming and outgoing to their SIP server at IP, say, 61.8.xxx.xxx.
    Please pardon my ignorance. When configuring my PIX using PDM, should
    I add any entry to my 'inside interface' and/or 'outside interface'?
    Should their SIP server be source or destination? And, finally, which
    is the inside, and which is the outside interface?

    Regards,
    Richard



    Rik Bain <> wrote in message news:<4127d851$0$57342$>...
    > On Sat, 21 Aug 2004 10:00:10 -0500, Richard Loy wrote:
    >
    >
    > What protocol are you using? UDP/6060 really doesn't ring a bell with
    > me. Perhaps SIP? Either way, the pix has several "fixups". Some of
    > which cover voice protocols (SCCP/H323/SIP). But, there is no magic
    > bullet....many bugs abound, and some vendors require you to disable nat
    > and turn fixups off.
    >
    > Post more specifics.....
    >
    > Rik
     
    Richard Loy, Aug 22, 2004
    #4
  5. Richard Loy

    Richard Loy Guest

    Hi Walter,
    Thanks for the tips on saving settings permanently in the PIX using
    command line. The IP Phones are on trial so that I can actually
    experience the QoS, since the vendor claim that it is great quality.

    Regards,
    Richard


    -cnrc.gc.ca (Walter Roberson) wrote in message news:<cg8hmd$6ls$>...
    > In article <>,
    > Richard Loy <> wrote:
    > :My company has a CISCO PIX 515E. I wish to configure it to allow VoIP
    > :traffic. The only way I know how is through using the PDM interface
    > :'cause I am not trained in using the command line So how can I
    > :configure it to allow an external VoIP gateway server to access the IP
    > :phones in my network and vice versa? The port needed to be opened is
    > :UDP 6060.
    >
    >
    > You should rethink this matter. VoIP packets need end-to-end QoS
    > (Quality of Service) to be served properly, in order and with priority
    > over (say) web page browsing. The PIX does not, however, support
    > QoS at all in any released version [but might in the version that
    > is currently in beta.]
    >
    >
    > :I do not mind receiving instructions in command line so
    > :long as you let me know how to save it permanently.
    >
    > Log on to the pix. The default username is 'pix' (you need to know
    > that if you are using ssh). Put in your first level password. Give
    > the command 'enable'. Put in your enable password. Give the command
    > 'config term'. Type in all the commands you need to add the accesses
    > you want. When you have entered all the commands, enter the command
    > 'write mem' to save the configuration to the boot-time memory. Then
    > type in as many 'exit' commands as you need to log off.
     
    Richard Loy, Aug 22, 2004
    #5
  6. In article <>,
    Richard Loy <> wrote:
    :My mistake. It should be UDP 5060, SIP.

    :The IP phone vendor
    :instructed that my PIX should release the UDP port 5060 for both
    :incoming and outgoing to their SIP server

    If you are using PIX 6.3(2) or later [as I recall], ensure you have

    fixup protocol sip udp 5060

    Some of the older PIX support

    fixup protocol sip 5060

    (without the keyword 'udp')


    :please pardon my ignorance. When configuring my PIX using PDM, should
    :I add any entry to my 'inside interface' and/or 'outside interface'?

    As the vendor wants incoming and outgoing -- you'd want entries
    under both.

    :Should their SIP server be source or destination?

    The source for your rule permitting incoming SIP, and the destination
    for the rule permitting outgoing SIP.

    : And, finally, which
    :is the inside, and which is the outside interface?

    outside is where the WAN connection is plugged in. Inside is where your
    LAN connection is plugged in. Think of being "inside" a walled fortress,
    being attacked from "outside".
    --
    Before responding, take into account the possibility that the Universe
    was created just an instant ago, and that you have not actually read
    anything, but were instead created intact with a memory of having read it.
     
    Walter Roberson, Aug 22, 2004
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Michiel
    Replies:
    4
    Views:
    4,741
    Michiel
    Aug 22, 2006
  2. Michiel
    Replies:
    2
    Views:
    983
    Michiel
    Aug 22, 2006
  3. Michiel
    Replies:
    19
    Views:
    1,234
    Michiel
    Aug 24, 2006
  4. Michiel
    Replies:
    0
    Views:
    2,358
    Michiel
    Aug 25, 2006
  5. Giuen
    Replies:
    0
    Views:
    1,498
    Giuen
    Sep 12, 2008
Loading...

Share This Page