Solved

AllWorx Remote Phones and ASA configuration

Posted on 2011-09-30
4
2,165 Views
Last Modified: 2012-05-12
I have an AllWorx 48x controller in a main office with a public IP address on the wAN port  in DMZ/Firewall mode.

I have another location that I am attempting to use the AllWorx 9212 IP phones.

I can get the registration fine without any changes to the ASA 5510 at theremote phone site.
Calls can be generated and received, however there is NO AUDIO in either direction.

Please assist me with using the ASDM tool to modify my current configuration.
I have attempted to use a separate Public IP address for a static NAT and ACL statements that work as afar as accessing the phones web server, but the audio won't work even when I restrict the RTP port range for the phone configuration and set it statically in ASA.

I want to be able to use minimal configuration on the ASA to support multiple remote phones.

Please help.
From AllWorx site:
The following ports must be opened on your remote firewall to allow traffic from the WAN to the LAN IP address of your Allworx Phone:

•UDP port 2088 (BLF Traffic)
•UDP port 5060 (sip registration)
•UDP ports 16384 to 16393 (RTP media streams-Audio)
0
Comment
Question by:NetManaged
  • 2
  • 2
4 Comments
 
LVL 29

Accepted Solution

by:
Alan Huseyin Kayahan earned 500 total points
ID: 36899227
Whenever NAT is involved, VOIP is always problematic. Most probably, everything will work if you somehow manage to assign the public IP directly to Allworks controller.

And the following may help.
http://www.ccietalk.com/2009/08/03/cisco-asa-inspection-issues
0
 

Author Comment

by:NetManaged
ID: 36901251
MrHusy,

     I stated in my original question,"I have an AllWorx 48x controller in a main office with a public IP address on the WAN port  in DMZ/Firewall mode."
0
 

Author Comment

by:NetManaged
ID: 36913915
MrHusy, Points awarded for the link. That was what I needed to do.
Disable VoIP-related inspections. Life is good again.
0
 
LVL 29

Expert Comment

by:Alan Huseyin Kayahan
ID: 36916281
Great =], I interpreted the question as if the public IP was at firewall's interface and posted the link just incase if I misinterpreted.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

This article assumes you have at least one Cisco ASA or PIX configured with working internet and a non-dynamic, public, address on the outside interface. If you need instructions on how to enable your device for internet, or basic configuration info…
Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
This video discusses moving either the default database or any database to a new volume.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now