04-25-2017 05:02 AM
Hi guys,
I am very new to PA administration and I am trying to set up voice communication between a Cisco TelePresence SX-20, located with a private IP address in my internal network, and some terminals outside the network. I am using the IP address as the calling number when I am trying to establish the connection.
I have tried a lot of configurations, but none of them worked. Most recently I used static NAT and DNAT: ("telepr ext test" (an IP address which is attached to the external interface), Telepresence - sx-20)
and a security rule which allows any external traffic to destination "telepr ext test" with the basic applications which are needed:
I have a rule which allows the traffic from the sx-20 to the internet too. I succeeded in establishing the call to some online test Cisco IP addresses, for example 71.14.2.158, but no audio or video traffic was received. In the monitor tab I saw that the session-end-reason is "tcp-rst-from-server" for apps h.225 and h.245. With packet capture I saw a successful TCP connection between both sides (my sx-20 and the outside terminal, 71.14.2.158).
If my config is wrong, what NAT rule/rules should I make or not make to do this task? And what kind of security rules? Any help will be very much appreciated.
Thank you very much in advance.
Feel free to ask me anything if I was not so clear.
Best regards,
Maksim
04-25-2017 06:17 AM - edited 04-25-2017 06:44 AM
Can you do bi-directional: yes? I think we had a similar issue and that was due to a one-way NAT rule.
04-25-2017 06:43 AM
Yes, but the result was the same.
P.S. PAN-OS version is 7.1.5
04-25-2017 07:37 AM
Out of curiosity why do you have the DNAT for telepresence NAT rule? It seems like you wouldn't really need this policy at all.
04-25-2017 11:39 PM
You are right that a DNAT rule is not necessary, but I have tried a lot of other configurations. Now I have done only one NAT rule with bi-directional: yes with our External GW, which is the exit point to the internet:
It should be clearer this way, but it still does not work. I have changed the security policy to:
Is it possible to have a "problem" with the outside terminal (71.14.2.158)? I see rtp/rtcp packets back to the External GW, but the session end reason for h.245 and h.225 in the monitor tab for outgoing connections is "tcp-rst-from-server". I establish the call, but with no video or audio. Should I receive those packets after all or not?
Thank you very much once again for your answers!
04-26-2017 10:24 PM
After a lot of debugging the problem was resolved. There is an issue with the other side's configuration. The right config was static NAT with bi-directional: yes with security rules as you mentioned.
Thank you for your answers and fast responses!
04-27-2017 12:37 AM - edited 04-27-2017 12:44 AM
Actually, the biggest hint was "tcp-rst-from-server". But I do not have much knowledge about VoIP, so I was not able to conclude 😄 Thanks for coming back with the solution
05-02-2017 03:47 AM
Yes, you are right, but I am not very good at VoIP troubleshooting either 🙂