h248 Megaco/1 W/NAT via PIX 515E

Discussion in 'VOIP' started by Mikeal, Jan 13, 2006.

  1. Mikeal

    Mikeal Guest

    I am fairly new to the world of VOIP networking so please bare with me
    a bit.

    I have a PIX 515e w/ PIX Version 6.3(3)

    Strata extended CTX670
    *VOIP card config is:
    ip 10.10.11.45
    sub 255.255.0.0
    gw 10.10.10.98

    ~~~~~~~~~~~~~

    fixup protocol dns maximum-length 512
    fixup protocol ftp 21
    fixup protocol h323 h225 1720
    fixup protocol h323 ras 1718-1719
    fixup protocol http 80
    fixup protocol ils 389
    fixup protocol rsh 514
    fixup protocol rtsp 554
    fixup protocol sip 5060
    fixup protocol sip udp 5060
    fixup protocol skinny 2000
    no fixup protocol smtp 25
    fixup protocol sqlnet 1521
    fixup protocol tftp 69

    access-list outside_in permit icmp any any
    access-list outside_in permit tcp any host xxx.xxx.xxx.xxx range 1
    65000
    access-list outside_in permit udp any host xxx.xxx.xxx.xxx range 1
    65000

    access-list outbound_access permit tcp any any eq www
    access-list outbound_access permit tcp any any eq https
    access-list outbound_access permit tcp any any eq ftp
    access-list outbound_access permit tcp any any eq aol
    access-list outbound_access permit tcp any any eq 3389
    access-list outbound_access permit tcp any any eq domain
    access-list outbound_access permit udp any any eq domain
    access-list outbound_access permit tcp any any eq ssh
    access-list outbound_access permit tcp any any eq 714
    access-list outbound_access permit icmp any any

    static (inside,outside) xxx.xxx.xxx.xxx 10.10.11.45 netmask
    255.255.255.255 0 0

    ~~~~~~~~~~~~~~~~~~~~

    Inside my NAT network I have a phone working without problem connecting
    to 10.10.11.45

    I have a remote location that I have configured with a static internet
    IP address for a hardware phone. The phone is setup to connect to
    xxx.xxx.xxx.xxx

    The phone does connect and start up correctly but I only get voice in
    one direction.

    Now, I am ASSUMING this is h248 as I have no real documentation that
    says so.
    How I came to assume this is going a bit of packet sniffing using
    ettercap on a FreeBSD machine.

    ~~~~~~~~~~~~~~~~~~~~
    08:44:45 xxx.xxx.xxx.xxx:2944 --> yyy.yyy.yyy.yyy:2659 proto: T

    .....MEGACO/1 [10.10.11.45]:2944
    Transaction = 4547 {
    Context = - {
    Modify = IPT {
    Events = 4547 {
    dkt/up }
    ,
    Signals {
    dkt/down {
    data = "A000AA" }
    }
    }
    }
    }

    08:44:45 yyy.yyy.yyy.yyy:2659 --> xxx.xxx.xxx.xxx:2944 proto: T

    ....RMEGACO/1 [209.103.237.204]
    Reply=4547 {
    Context=- {
    Modify=IPT
    }
    }

    08:44:45 xxx.xxx.xxx.xxx:2944 --> yyy.yyy.yyy.yyy:2659 proto: T

    ....OMEGACO/1 [10.10.11.45]:2944
    Reply = 4394 {
    Context = - {
    Notify = IPT }
    }

    ~~~~~~~~~~~~~~~~~~~~~~~~~~

    Now seeing 10.10.11.45 in the proto transmission makes me wonder if my
    problem is related to NAT issues I have seen talked about on this
    forum. I have looked for a fixup protocol for h248 but I cannot find
    one for my PIX.

    Any suggestions, comments, direction or acts of god would be greatly
    appreciated.

    Mikeal
     
    Mikeal, Jan 13, 2006
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Forrest

    Mutiple Subnet NAT on PIX 515e

    Forrest, Jun 27, 2004, in forum: Cisco
    Replies:
    2
    Views:
    1,656
    Forrest
    Jun 27, 2004
  2. Tom
    Replies:
    1
    Views:
    1,315
    Walter Roberson
    Nov 20, 2004
  3. Clemens Schwaighofer
    Replies:
    7
    Views:
    4,513
    Walter Roberson
    Jun 13, 2005
  4. xinumike

    megaco: digitMap

    xinumike, Nov 27, 2005, in forum: VOIP
    Replies:
    0
    Views:
    584
    xinumike
    Nov 27, 2005
  5. Dairenn Lombard

    IPsec-VPN via an Cisco PIX 515E?

    Dairenn Lombard, Jun 29, 2007, in forum: Cisco
    Replies:
    3
    Views:
    1,383
    Scott Perry
    Jul 5, 2007
Loading...

Share This Page