From: brech@kc.rr.com
Date: Thu Mar 17 2005 - 11:10:01 GMT-3
There a few gotchas, I ran into a situation where the H323 fixup didn't work correctly on Pix 6.2 code after 5 minutes calls were dropped religously. The solution from TAC was to turn off H323 fixup if it wasn't being used for anything else. This did correct that issue. However we have a small call center and about once a month the calls from IP to PSTN would stop working {about every 1.5 months} and the 2620 Gw would need to be reloaded to correct it, They would signal through and ring on the destination but no audio cut-through. This is because even though we were allowing the ports listed on this table through the firewall the H225 protocol used other ports after a while, upgrading the pix to 6.3 and turning the h323 fixup back on corrected this.
In our topology the VGW and the IP phones are on the same voice vlan, the CM is behind a firewall, traffic between IP phones was never affected.
----- Original Message -----
From: Andy Bennett <Andy.Bennett@instinet.co.uk>
Date: Thursday, March 17, 2005 7:59 am
Subject: Re: Voice and Access-Lists
> This should help.
>
> http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_tech_note09186a00801a62b9.shtml#topic1
>
> Saves you the effort of sniffing the ports.
>
> Andy..
>
>
>
>
>
> robbie
>
> Sent by:
>
> nobody@groupstudy
> To
> .com Richard Anderson
>
>
> <richard.p.anderson@sbcglobal.net>
>
> cc
> 17/03/2005 13:16 ccielab@groupstudy.com
>
>
> Subject
> Re: Voice and Access-Lists
>
> Please respond to
>
> robbie
>
> <robbie@packetize
>
> d.org>
>
>
>
>
>
>
>
>
>
> I'd recommend using a program like tcpview to watch outbound ports
> fromyour servers (I assume they're running on Windows NT/2000) to
> the phones
> as they make a call - you should be able to watch TCP and UDP sockets
> and endpoints as they are opened on the server, allowing you to
> get an
> idea of what's being used when a particular event occurs. I'm sure
> there's some documentation out there as to what ports are used by
> all of
> these, but I'm guessing you've looked around on Google and haven't
> beenable to find anything.
>
> HTH,
> robbie
>
>
> Richard Anderson wrote:
> > What is the best way to troubleshoot Access-List issue?
> >
> > Previous vendor has created access-list between IP Phone VLANS
> and Call
> > Manager VLANS.
> >
> > For example,
> >
> > Call Manager, Cisco Conference Connection, and Unity is on VLAN 10
> > /10.1.1.0/24, and IP Phones are on VLAN 20/10.1.2.0/24. Certain
> things> wouldn't work such as One way communication, Users can
> join the
> conference,
> > but can only hear one way.
> >
> > Is there any way to find what port are used by these services,
> and then I
> > can open it one by one.
> >
> > Any reference and feedback will be appreciated.
> >
> > Note: If I remove the access-list everything works fine so for
> sure it
> is
> > an access-list.
> >
> > Regards,
> >
> > Richard.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sun Apr 03 2005 - 17:56:47 GMT-3