Weird Adtran TA-900 problem
Hello, I have a weird problem with one TA-900 on my switch. Other TA-900s are working fine. Inbound calls to the TA from Broadworks fail with a SIP timeout. The INVITE is hitting the TA but it isn't responding with a 100 Trying. If I force the TA to re-register the FXS ports inbound calls start working for a short period of time (couple minutes) If a FXS user makes an outbound call it works and inbound calls work for a short period of time. I have packet captures from the adtran (debug ip packet <filter> dump) showing the INVITE coming in from Broadworks (Acme SD actually) When I enable SIP debugging on the TA I don't see anything in the terminal for the INVITE, like the TA isn't treating the traffic as local When phones are working (after outbound call) I see debug traffic like I would expect. This screams of a NAT issue but the TA is directly connected with a T1 and a real IP (no NAT). The registration in the acme shows no NAT and the registration expire timer is 3600 seconds. The Adtran is configured for NAT for its internal eth0/0 port and I have one linksys phone connected internally. The linksys phone appears as behind NAT in the acme with a 30 second registration timer. The linksys phone works fine through the whole process. Anyone see any issues like this before? Firmware Version A4.08.00.E -- Matthew S. Crocker President Crocker Communications, Inc. PO BOX 710 Greenfield, MA 01302-0710 http://www.crocker.com P: 413-746-2760
I've seen where an Adtran will allow a nat pinhole to be opened that "covers up" the 5060 udp port. This will cause it to forward the 5060 traffic inward into the voip UA behind the NAT (your linksys phone) Make sure if the adtran is doing nat, that it's using a loopback address as its 1:many address, and not the IP that you're using to talk to BW/Acme, as this bug can be avoided by using loopbacks for your public IP while performing NAT. I'm sure there's a better workaround but I've never had the time to care when loopbacks work. -Paul On Sep 27, 2011, at 2:45 PM, Matthew S. Crocker wrote:
Hello,
I have a weird problem with one TA-900 on my switch. Other TA-900s are working fine.
Inbound calls to the TA from Broadworks fail with a SIP timeout. The INVITE is hitting the TA but it isn't responding with a 100 Trying.
If I force the TA to re-register the FXS ports inbound calls start working for a short period of time (couple minutes) If a FXS user makes an outbound call it works and inbound calls work for a short period of time.
I have packet captures from the adtran (debug ip packet <filter> dump) showing the INVITE coming in from Broadworks (Acme SD actually)
When I enable SIP debugging on the TA I don't see anything in the terminal for the INVITE, like the TA isn't treating the traffic as local When phones are working (after outbound call) I see debug traffic like I would expect.
This screams of a NAT issue but the TA is directly connected with a T1 and a real IP (no NAT). The registration in the acme shows no NAT and the registration expire timer is 3600 seconds.
The Adtran is configured for NAT for its internal eth0/0 port and I have one linksys phone connected internally. The linksys phone appears as behind NAT in the acme with a 30 second registration timer. The linksys phone works fine through the whole process.
Anyone see any issues like this before?
Firmware Version A4.08.00.E
-- Matthew S. Crocker President Crocker Communications, Inc. PO BOX 710 Greenfield, MA 01302-0710 http://www.crocker.com P: 413-746-2760
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
I have seen this on our IAD's where we are doing NAT. Adtran's feedback was perform the following? Create an access-list to match SIP signaling. ip access-list extended voip-sig permit udp any any eq 5060 permit tcp any any eq 5060 Create an entry in your policy class that is assigned to your external interface and make sure it is at the top of the list. ip policy-class Public allow list voip-sig self Change the RTP port the IAD's uses ip rtp udp 50000 Change the IAD to not preserve the NAT ports no ip firewall nat-preserve-source-port ---Chris On Sep 27, 2011, at 2:45 PM, Matthew S. Crocker wrote:
Hello,
I have a weird problem with one TA-900 on my switch. Other TA-900s are working fine.
Inbound calls to the TA from Broadworks fail with a SIP timeout. The INVITE is hitting the TA but it isn't responding with a 100 Trying.
If I force the TA to re-register the FXS ports inbound calls start working for a short period of time (couple minutes) If a FXS user makes an outbound call it works and inbound calls work for a short period of time.
I have packet captures from the adtran (debug ip packet <filter> dump) showing the INVITE coming in from Broadworks (Acme SD actually)
When I enable SIP debugging on the TA I don't see anything in the terminal for the INVITE, like the TA isn't treating the traffic as local When phones are working (after outbound call) I see debug traffic like I would expect.
This screams of a NAT issue but the TA is directly connected with a T1 and a real IP (no NAT). The registration in the acme shows no NAT and the registration expire timer is 3600 seconds.
The Adtran is configured for NAT for its internal eth0/0 port and I have one linksys phone connected internally. The linksys phone appears as behind NAT in the acme with a 30 second registration timer. The linksys phone works fine through the whole process.
Anyone see any issues like this before?
Firmware Version A4.08.00.E
-- Matthew S. Crocker President Crocker Communications, Inc. PO BOX 710 Greenfield, MA 01302-0710 http://www.crocker.com P: 413-746-2760
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
participants (3)
-
lists@iamchriswallace.com -
matthew@corp.crocker.com -
paul@timmins.net