?
Solved

Cisco asa 5505 VOIP issues

Posted on 2009-04-30
22
Medium Priority
?
9,301 Views
Last Modified: 2012-05-06
I have a small office with a Cisco ASA 5505 , 3 users and voice over Ip from Vocalocity.  they have cable internet that is 10mb down and 1.5 up.  it seems stable.  Their inbound quality is fine, but outbound is bad to unusable.  Several times a day their phones go from green to yellow or red, then they are ok.  Any suggestions would be appreciated.

per vocalocity we removed the SIP per this article
Disable SIP Transformations:#
Enter the following lines on any Cisco router or switch that is performing a NAT on outbound traffic - this will disable SIP specific transformations done on packets going through the NAT.
"no ip nat service SIP udp port 5060




Cisco PIX#


Cisco PIX Offical Support Site

Cisco PIXs general release software (release 6.1 and 6.2) has a limitation that does not allow SIP processing to be disabled for UDP. Cisco provides a maintenance release to allow the disabling of SIP processing for UDP. The specific release tested is 6.2.2.125. This load can be obtained from Cisco through their normal support channels.

Configuring Cisco PIX 6.X for VoIP traffic:#
Once the load is upgraded to 6.2.2.125, enter the command:
"      show configure

You should see the following lines:
"      fixup protocol sip 5060
"      fixup protocol sip udp 5060

To disable SIP processing, enter the commands:
"      no fixup protocol sip 5060
"      no fixup protocol sip udp 5060

Also, the rpc timer needs to be extended or voice path is lost after the default 10 minutes. This can be done by going to the enable prompt and configuring terminal and typing: "timeout rpc never-time-out" and hitting enter. Then save the config to memory and verify the value by typing "sh timeout rpc". It should be listed as 0:00:0

Configuring Cisco PIX Firewall Software Version 7.X#
In Versions 7.x of the PIX software, fixup has been replaced with inspect. This line can be found in either a global or interface specific policy map. A generic configuration will contain entries like this:
class-map inspection_default
match default-inspection-traffic
!
!
policy-map asa_global_fw_policy
class inspection_default
inspect dns maximum-length 512
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
In the example above you would need to enter configuration mode via the command line and execute the following commands (hitting Enter after each line):
"      class-map inspection_default
"      policy-map asa_global_fw_policy
"      no inspect sip
0
Comment
Question by:mathews2001
  • 12
  • 9
22 Comments
 
LVL 32

Expert Comment

by:harbor235
ID: 24273455


Why do you assume it's the PIX's problem? It could be their network? Could be anything, could be your internal network as well.

harbor235 ;}
0
 

Author Comment

by:mathews2001
ID: 24273757
What other direction should we check.  Vocalocity feels like it is a setting on the router.  They also have an SMC poe switch and use the linksys phones.  I understand there are some advanced settings in the phones themselves, but have not looked into that yet.
0
 
LVL 32

Expert Comment

by:harbor235
ID: 24280042


You need to describe your problem in more detail.

harbor235 ;}
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:mathews2001
ID: 24281016
It is bad outbound voice quality.  It is poor and sometimes drops.  Inbound seems fine.  
0
 
LVL 32

Expert Comment

by:harbor235
ID: 24281388


Try changing your codec

harbor235 ;}
0
 
LVL 32

Expert Comment

by:harbor235
ID: 24281396
What codec are you using? Have you tried G729?

harbor235 ;}
0
 

Author Comment

by:mathews2001
ID: 24281606
I am checkin the codec now
0
 

Author Comment

by:mathews2001
ID: 24281769
The RTP Start loopback codec is G711u.  

There is also an option to "force lan codec" set to none.  The other options are G711u and G711a

here is the phone info:
Product Information
Product Name:      SPA-962      Serial Number:      4MM00G803940
Software Version:      5.1.15(aSC)      Hardware Version:      1.0.3(371b)
MAC Address:      000E08DF4948      Client Certificate:      Installed
Customization:      Open      Licenses:      None
0
 

Author Comment

by:mathews2001
ID: 24281774
I have not removed the Inspect SIP statement from the router yet.
0
 
LVL 32

Expert Comment

by:harbor235
ID: 24281918


Try the G729 codec and see if it changes anything

harbor235 ;}
0
 

Author Comment

by:mathews2001
ID: 24282320
I will.  
0
 

Author Comment

by:mathews2001
ID: 24291793
I put the changes in late Friday, so Iwon't know until tomorrow morning the results.  I will post back.
0
 

Author Comment

by:mathews2001
ID: 24295582
The sound quality is better.  No more lost in a hole sound.  But it is still choppy.  Not 100%.  Especially at the first of a conversation.
0
 
LVL 32

Expert Comment

by:harbor235
ID: 24295892



without QOS end to end there is no prioritization of your traffic and it may be choppy. The real question is what does your provider provide you as far as QOS?

harbor235 ;}
0
 

Author Comment

by:mathews2001
ID: 24306618
I added the Priority setting on the inside and outside interface.  I believe thats ASA speak for QOS.  The provider is vocalocity.  As far as I see this travels on the open internet to their servers unless the phones themselves initiate some type of ssh or vpn connection.

I called in and is sounded pretty good.
0
 
LVL 32

Expert Comment

by:harbor235
ID: 24306824


You ASA speaks QOS, but does your provider listen to your QOS markings, that's the question?
Most likely thy do not and your QOS is dropped. You needc to find out if/how they handle it, it makes the difference between prioritization and best effort.

harbor235 ;}
0
 

Author Comment

by:mathews2001
ID: 24327871
Next step is working with the ISP.  I think we have checked everything locally that we can.
0
 

Author Comment

by:mathews2001
ID: 24327877
BTW this worked fine for several months as it sits.  the quality problems started recently.
0
 
LVL 32

Accepted Solution

by:
harbor235 earned 2000 total points
ID: 24328268


Yep, as the network becomes congested thats when prioritization is needed, when there is enough bandwidth things may be fine. QOS is intended to give priority to defined traffic types especially during periods of congestion, this enables the traffic to flow freely during those times.

harbor235 ;}
0
 

Author Comment

by:mathews2001
ID: 24386753
It looks like one of my coworkers cracked it.  The router and network tweaks we changed certainly didn't hurt.

He found that an online backup service we use (mozy) was kicking on during the calls and causing the problems.  It is configurable, but was using mucho bandwidth.  We set it to run at night only and it was an immediate improvement.  We also changed the Jitter setting on the phones themselves.  Thanks for all your suggestions.
0
 
LVL 32

Expert Comment

by:harbor235
ID: 24386862


np, anytime

harbor235 ;}
0
 

Expert Comment

by:llatimer_uk
ID: 24477959
The other way to fix the issue is to on Router or firewall Disable Stateful Packet inspection , Disable Sip transformations, Disable SIP ALG , enable consistent nat Allow all traffic from the vocalocity ip range 64.57.248.132-142
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question