Lifesize room220 behind ASA5505
Posted on 2010-11-10
We are having issues making or receiving video calls on our new Lifesize Room 220, behind an ASA. it is in our DMZ, with a static NAT translation for a public IP.
The following ports are open to it: tcp 1720, tcp 60000-64999 udp 60000-64999 and I have the proper outside ACL applied.
The issue: We have a block of 13 public IPs from Comcast. If I connect directly to the comcast modem with a laptop, pull a public IP, I can access the Lifesize device no problem via its publc IP. It hits the outside interface of the ASA and routes accordingly. . However, anyone outside of our public IP block can NOT access it. I have never seen this issue before.
We thought it was a routing issue with our cable internet provider, but its not. Because if I plug the lifesize directly into the cable modem, it grabs a public IP via DHCP, and works like a charm
I was told by our vendor that these devices had issues behind Cisco devices. Anyone have any experience with this? We have several other publicly accessible devices in this DMZ that don't have any issues.