[asterisk-users] Cisco 7960 become UNREACHABLE behind pix firewall
Troy Davis
troy at yort.com
Mon Mar 29 00:25:49 CDT 2010
>
> I have about 10 Cisco 7960s behind a PIX 506E (IOS v6.3) firewall.
> After some period of time, asterisk says that some of them are
> unreachable, and the phones lose their registration.
> The only way to make the phones recover is to clear the NAT
> translation tables for the phones on the PIX (clear xlate...)
> Does anyone know how to fix this? As you can imagine, it is quite
> annoying. And it does not happen to all the phones either.
>
> sip fixup is enabled on the PIX
>
Are you able to TFTP new phone configs? Assuming so, and it's for only 10
phones, try decreasing the registration time. I've got a 7960 on my desk
and documented it with a TFTP-ready config:
http://help.cloudvox.com/faqs/sip-phones/cisco-7900-ip-phone
It's at the end, commented out. I don't think that config's been used much
- most Cloudvox folks are just using SIP to test their AGI apps, not as
primary phones.
If you want another data point that still crosses your NAT boundary, feel
free to sign up for and register with Cloudvox and see whether your
registration lasts, using that same config. We switched to pay-as-you-go
pricing, so even the free accounts include SIP. If your registrations to
Cloudvox also time out, it's probably the PIX.
Troy
--
Cloudvox -- http://cloudvox.com/
"Asterisk in the cloud" -- AGI, HTTP/JSON, SIP, REST, live in minutes
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20100328/e823421b/attachment.htm
More information about the asterisk-users
mailing list