Avaya Support Forums  

Go Back   Avaya Support Forums > Avaya Aura & Unified Communications

Closed Thread
 
Thread Tools Search this Thread Display Modes
  #1  
Old 07-06-2016, 11:29 AM
lazar24 lazar24 is offline
Hot Shot
 
Join Date: Jun 2016
Posts: 13
lazar24 has 10 reputation points
Default SIP trunk from SessMan to ISP over NAT without SBC

Hello,

I'm wondering is there any way to get this working over NAT on asa 5525-x (asa941-smp-k8.bin)?
Inspect UDP SIP is on, I see it trying to reach ISP server and it even does successfully, ISP sends the reply (200 OK) back and it never gets there. No matter what I do, I get 408 in monitoring. If I turn inspect off, situation changes vice versa: I see my trunks are UP, ISP says he gets 408. Show sip on asa gives a bunch of:

call-id 8895796923645224@172.16.63.206
CSeq: OPTIONS
From: sip:172.16.63.207;0677691546696435_local.146780781 3015_8945_8944
To: sip:10.155.1.219;SDtf7u099-ytisyszs
state Call init, timeout 0:03:00 idle 0:01:30
Transaction State Timeout Idle
Cseq 2 OPTIONS Transaction Proceeding0:03:00 0:01:30

I tried static NATing, dynamic PAT, one-to-one - same result. I can't configure it without NAT cause ISP is accepting SIP traffic only from a /30 address he gave me, so I have to NAT source to this address to reach their gateway, I can't straight put this inside my network for obvious reasons.
I've read a lot and it seems the problem is SIP incapsulating reg interface IP inside user data in the protocol and ASA has problem analising the payload dynamically in certain cases, seems I've got that one case (
I've also tried to use adaptations to rewrite sip:172.16.63.207 to .206, I was told that could help, but no success, can't get those adaptation to work properly. I'm reading ahead this now, but wondering if there is a better way of accomplishing this.
I understand SBC will solve my problem but the goal now is to present a working environment WITHOUT SBC, there are reasons for this...
If anyone can direct me to how solve this without SBC, SIP proxiing, asterisk's-in-the-middle etc. - that would be totally GREAT.
Thank You very much in advance.

Last edited by lazar24; 07-06-2016 at 11:55 AM.
  #2  
Old 07-08-2016, 04:51 AM
lazar24 lazar24 is offline
Hot Shot
 
Join Date: Jun 2016
Posts: 13
lazar24 has 10 reputation points
Default

Solved it with static "twice nat" and sip inspection on.
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -7. The time now is 11:04 PM.

This Forum is provided solely for the use and convenience of Avaya customers and partners. Use of the Forum is subject to the Terms and Use and Privacy Statement found at www.avaya.com. No other use is permitted. The Forum including all content posted is “AS IS” and Avaya expressly disclaims all warranties and/or guarantees as to its accuracy, reliability, usefulness, quality or non-infringement of intellectual property. Avaya reserves the right to remove any content posted on the Forum at any time and for whatever reason.

Avaya will not be liable for any content posted on this Forum, including, without limitation, any errors or omissions or for any losses or damages of any kind incurred as a result of use or reliance on any content, regardless of its origin.

You expressly understand and agree that you assume all risks associated with use or reliance on this content.