Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 27 subscribers
  • Views 1823 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Nat , Sip , Rule order? -- Need some Assistance with Voip

Desiredfx

Hey guys I could use a little help, we have a hosted voip outside of the network host 208.104.4.80 port 5060 inbound the calls could be one way audio them redial and fine.  the call quality is less than desirable. I have the rules posted in the Screenshots below. We also have another branch that is experience the same issues as this location.

 

The denied traffic is rule 0 but like it can not find the rule correct rule.

Sip module is currently unloaded.  The UDP Stream Timeout is 150.

 

 

 

 



Rules View

 

 

 


console> drop-packet-capture 'dst 208.104.168.2 and port 5060'
2019-06-06 11:37:18 010202107 IP 51.255.109.163.17782 > 208.104.168.2.5060 : proto UDP: packet len: 237 checksum : 49951
0x0000:  4500 0101 6326 4000 2d11 cfb8 33ff 6da3  E...c&@.-...3.m.
0x0010:  d068 a802 4576 13c4 00ed c31f 4f50 5449  .h..Ev......OPTI
0x0020:  4f4e 5320 7369 703a 6e6d 2053 4950 2f32  ONS.sip:nm.SIP/2
0x0030:  2e30 0d0a 5669 613a 2053 4950 2f32 2e30  .0..Via:.SIP/2.0
0x0040:  2f55 4450 206e 6d3b 6272 616e 6368 3d66  /UDP.nm;branch=f
0x0050:  6f6f 3b72 706f 7274 0d0a 4672 6f6d 3a20  oo;rport..From:.
0x0060:  3c73 6970 3a6e 6d40 6e6d 3e3b 7461 673d  <sip:nm@nm>;tag=
0x0070:  726f 6f74 0d0a 546f 3a20 3c73 6970 3a6e  root..To:.<sip:n
0x0080:  6d32 406e 6d32 3e0d 0a43 616c 6c2d 4944  m2@nm2>..Call-ID
0x0090:  3a20 3530 3030 300d 0a43 5365 713a 2034  :.50000..CSeq:.4
0x00a0:  3220 4f50 5449 4f4e 530d 0a4d 6178 2d46  2.OPTIONS..Max-F
0x00b0:  6f72 7761 7264 733a 2037 300d 0a43 6f6e  orwards:.70..Con
0x00c0:  7465 6e74 2d4c 656e 6774 683a 2030 0d0a  tent-Length:.0..
0x00d0:  436f 6e74 6163 743a 203c 7369 703a 6e6d  Contact:.<sip:nm
0x00e0:  406e 6d3e 0d0a 4163 6365 7074 3a20 6170  @nm>..Accept:.ap
0x00f0:  706c 6963 6174 696f 6e2f 7364 700d 0a0d  plication/sdp...
0x0100:  0a                                       .
Date=2019-06-06 Time=11:37:18 log_id=010202107 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port2 out_dev= inzone_id=0 outzone_id=0 source_mac=00:01:5c:6c:28:46 dest_mac=00:1a:8c:6d:66:c9 l3_protocol=IP source_ip=51.255.109.163 dest_ip=208.104.168.2 l4_protocol=UDP source_port=17782 dest_port=5060 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2019-06-06 11:40:00 0103021 IP 74.63.219.62.5083 > 208.104.168.2.5060 : proto UDP: packet len: 412 checksum : 7015
0x0000:  4500 01b0 ca14 4000 3111 e03f 4a3f db3e  E.....@.1..?J?.>
0x0010:  d068 a802 13db 13c4 019c 1b67 4f50 5449  .h.........gOPTI
0x0020:  4f4e 5320 7369 703a 3130 3040 3230 382e  ONS.sip:100@208.
0x0030:  3130 342e 3136 382e 3220 5349 502f 322e  104.168.2.SIP/2.
0x0040:  300d 0a56 6961 3a20 5349 502f 322e 302f  0..Via:.SIP/2.0/
Date=2019-06-06 Time=11:40:00 log_id=0103021 log_type=Firewall log_component=Local_ACLs log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port2 out_dev= inzone_id=2 outzone_id=4 source_mac=00:01:5c:6c:28:46 dest_mac=00:1a:8c:6d:66:c9 l3_protocol=IP source_ip=74.63.219.62 dest_ip=208.104.168.2 l4_protocol=UDP source_port=5083 dest_port=5060 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0x8001 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=984761200 masterid=0 status=256 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

console> drop-packet-capture 'dst 208.104.168.2 and port 5060'
2019-06-06 11:37:18 010202107 IP 51.255.109.163.17782 > 208.104.168.2.5060 : proto UDP: packet len: 237 checksum : 49951
0x0000:  4500 0101 6326 4000 2d11 cfb8 33ff 6da3  E...c&@.-...3.m.
0x0010:  d068 a802 4576 13c4 00ed c31f 4f50 5449  .h..Ev......OPTI
0x0020:  4f4e 5320 7369 703a 6e6d 2053 4950 2f32  ONS.sip:nm.SIP/2
0x0030:  2e30 0d0a 5669 613a 2053 4950 2f32 2e30  .0..Via:.SIP/2.0
0x0040:  2f55 4450 206e 6d3b 6272 616e 6368 3d66  /UDP.nm;branch=f
0x0050:  6f6f 3b72 706f 7274 0d0a 4672 6f6d 3a20  oo;rport..From:.
0x0060:  3c73 6970 3a6e 6d40 6e6d 3e3b 7461 673d  <sip:nm@nm>;tag=
0x0070:  726f 6f74 0d0a 546f 3a20 3c73 6970 3a6e  root..To:.<sip:n
0x0080:  6d32 406e 6d32 3e0d 0a43 616c 6c2d 4944  m2@nm2>..Call-ID
0x0090:  3a20 3530 3030 300d 0a43 5365 713a 2034  :.50000..CSeq:.4
0x00a0:  3220 4f50 5449 4f4e 530d 0a4d 6178 2d46  2.OPTIONS..Max-F
0x00b0:  6f72 7761 7264 733a 2037 300d 0a43 6f6e  orwards:.70..Con
0x00c0:  7465 6e74 2d4c 656e 6774 683a 2030 0d0a  tent-Length:.0..
0x00d0:  436f 6e74 6163 743a 203c 7369 703a 6e6d  Contact:.<sip:nm
0x00e0:  406e 6d3e 0d0a 4163 6365 7074 3a20 6170  @nm>..Accept:.ap
0x00f0:  706c 6963 6174 696f 6e2f 7364 700d 0a0d  plication/sdp...
0x0100:  0a                                       .
Date=2019-06-06 Time=11:37:18 log_id=010202107 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port2 out_dev= inzone_id=0 outzone_id=0 source_mac=00:01:5c:6c:28:46 dest_mac=00:1a:8c:6d:66:c9 l3_protocol=IP source_ip=51.255.109.163 dest_ip=208.104.168.2 l4_protocol=UDP source_port=17782 dest_port=5060 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2019-06-06 11:40:00 0103021 IP 74.63.219.62.5083 > 208.104.168.2.5060 : proto UDP: packet len: 412 checksum : 7015
0x0000:  4500 01b0 ca14 4000 3111 e03f 4a3f db3e  E.....@.1..?J?.>
0x0010:  d068 a802 13db 13c4 019c 1b67 4f50 5449  .h.........gOPTI
0x0020:  4f4e 5320 7369 703a 3130 3040 3230 382e  ONS.sip:100@208.
0x0030:  3130 342e 3136 382e 3220 5349 502f 322e  104.168.2.SIP/2.
0x0040:  300d 0a56 6961 3a20 5349 502f 322e 302f  0..Via:.SIP/2.0/
Date=2019-06-06 Time=11:40:00 log_id=0103021 log_type=Firewall log_component=Local_ACLs log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port2 out_dev= inzone_id=2 outzone_id=4 source_mac=00:01:5c:6c:28:46 dest_mac=00:1a:8c:6d:66:c9 l3_protocol=IP source_ip=74.63.219.62 dest_ip=208.104.168.2 l4_protocol=UDP source_port=5083 dest_port=5060 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0x8001 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=984761200 masterid=0 status=256 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2019-06-06 11:41:30 0103021 IP 185.53.88.209.5064 > 208.104.168.2.5060 : proto UDP: packet len: 419 checksum : 60010
0x0000:  4528 01b7 11f8 4000 3011 aca4 b935 58d1  E(....@.0....5X.
0x0010:  d068 a802 13c8 13c4 01a3 ea6a 4f50 5449  .h.........jOPTI
0x0020:  4f4e 5320 7369 703a 3130 3040 3230 382e  ONS.sip:100@208.
0x0030:  3130 342e 3136 382e 3220 5349 502f 322e  104.168.2.SIP/2.
0x0040:  300d 0a56 6961 3a20 5349 502f 322e 302f  0..Via:.SIP/2.0/
Date=2019-06-06 Time=11:41:30 log_id=0103021 log_type=Firewall log_component=Local_ACLs log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port2 out_dev= inzone_id=2 outzone_id=4 source_mac=00:01:5c:6c:28:46 dest_mac=00:1a:8c:6d:66:c9 l3_protocol=IP source_ip=185.53.88.209 dest_ip=208.104.168.2 l4_protocol=UDP source_port=5064 dest_port=5060 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0x8001 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=984760320 masterid=0 status=256 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

 

 Thanks for taking a look.



This thread was automatically locked due to age.
Parents Reply Children
No Data