![]() ![]() Normally you should configure in 3CX server a static public IP and disable STUN. The case with ASA 5505 or 8xx or other routers is different, you may rely on Cisco's SIP ALG for correctly handling NAT for SIP/SDP packets. Policy-map type inspect dns preset_dns_mapĬisco routers and Cisco ASA are probably the only devices implementing correctly SIP ALG.ģCX generally recommends switching off SIP ALG functionality, which I also recommend for most of the NAT devices, simply they are not doing it correctly (there is a Cisco CLI command to disable SIP ALG, if you want to do this, check Cisco manual). No threat-detection statistics tcp-intercept ![]() Snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absoluteĭynamic-access-policy-record DfltAccessPolicy Nat (inside,outside) source static i89.0.3.1-chatterbox oA.A.A.A-chatterboxĪccess-group inside_access_in in interface insideĪccess-group outside_access_in in interface outside Icmp unreachable rate-limit 1 burst-size 1 Network-object object oA.A.A.A-chatterboxĪccess-list inside_access_in extended permit icmp any anyĪccess-list inside_access_in extended permit ip object i89.0.3.1-chatterbox anyĪccess-list outside_access_in extended permit icmp any anyĪccess-list outside_access_in extended permit ip object-group DM_INLINE_NETWORK_2 object-group DM_INLINE_NETWORK_1 Network-object object i89.0.3.1-chatterbox Same-security-traffic permit inter-interface I have had to butcher this a bit to ensure our public data is removed ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |