BrokenIT69
IS-IT--Management
Hello,
I am in the process of upgrading our site firewall from a Cisco ASA to a Cisco Meraki.
Initial tests are going good with S2S tunnels and general internet daily tasks.
The problem I have is the SIP.
Our phone suppliers gave me the information which I confirmed on the current ASA config but the phones are not working.
IF a user receives a call, they can answer but cannot hear the other person down the line, although they can hear them (one way audio).
Also no outgoing calls are allowed.
The firewall goes down when public address whilst the voip goes down another address in the pool of addresses we have allocated from the isp.
I even got the phone tech to put the sip down the same line as the data.
FW IP - 10.11.12.14
VOIP - 10.11.12.15
PBX 192.168.2.216
DSP 192.168.2.217
Open Ports
5060 UDP
16000-16200 UDP
22.33.44.0/24 SIP Main
22.33.45.0/24 SIP Failover
So I have created on the meraki the following 1:Many NATs
Public address: 10.11.12.15
Description Protocol Pub port Lan IP Local Port Allowed Remote IPS.
SIP UDP 5060 192.168.2.216 5060 22.33.44.0/24,22.33.45.0/24
VOIP UDP 16000-16200 192.168.2.217 16000-16200 22.33.44.0/24,22.33.45.0/24
I know that Meraki doesn't support ALG and the current ASA I have in place has it enabled so is there an option on the NS700 which disables this?
Any help will be greatly appreciated as I am unable to move forward.
Regards, Ash
I am in the process of upgrading our site firewall from a Cisco ASA to a Cisco Meraki.
Initial tests are going good with S2S tunnels and general internet daily tasks.
The problem I have is the SIP.
Our phone suppliers gave me the information which I confirmed on the current ASA config but the phones are not working.
IF a user receives a call, they can answer but cannot hear the other person down the line, although they can hear them (one way audio).
Also no outgoing calls are allowed.
The firewall goes down when public address whilst the voip goes down another address in the pool of addresses we have allocated from the isp.
I even got the phone tech to put the sip down the same line as the data.
FW IP - 10.11.12.14
VOIP - 10.11.12.15
PBX 192.168.2.216
DSP 192.168.2.217
Open Ports
5060 UDP
16000-16200 UDP
22.33.44.0/24 SIP Main
22.33.45.0/24 SIP Failover
So I have created on the meraki the following 1:Many NATs
Public address: 10.11.12.15
Description Protocol Pub port Lan IP Local Port Allowed Remote IPS.
SIP UDP 5060 192.168.2.216 5060 22.33.44.0/24,22.33.45.0/24
VOIP UDP 16000-16200 192.168.2.217 16000-16200 22.33.44.0/24,22.33.45.0/24
I know that Meraki doesn't support ALG and the current ASA I have in place has it enabled so is there an option on the NS700 which disables this?
Any help will be greatly appreciated as I am unable to move forward.
Regards, Ash