| « Install CUCM 7 on VMware Fusion | DSCP to TOS (Decimal) » |
NAT SIP range on UC500/CME
This example describes how to use a single public IP address in conjunction with a NAT port range on an IOS router. This would be suitable when using a Cisco UC500 or CME based system behind a router. The diagram below demonstrates the example topology used in this scenario.
Cisco 877 IP Information
Public Interface: 20.20.20.20
Private Interface: 192.168.0.1/30
Cisco Uc500 IP Information
Routed Interface: 192.168.0.2/30
Loopback Interface: 10.1.1.1 (SIP services bound to this interface)
As with any router providing internet access outbound access is likely provided with an overload statement such as this example.
access-list 105 permit ip <inside networks> any
route-map NAT_MAP permit 1
match ip address 105
ip nat inside source route-map NAT_MAP interface dialer1 overload
To allow a SIP mapping is very simple as per the statement below.
ip nat inside source static tcp 10.1.1.1 5060 interface dialer1 5060
However, a large range of ports is required for RTP, and IOS based devices do not yet have a straight port range option for NAT. The solution in this case is to utilise a route-map that matches the required RTP range (some SIP providers allow you to specify this).
ip access-list extended UDP_RTP
permit udp host <SIP HOST> any range 16384 37248
!
route-map SIP_NAT permit 10
match ip address UDP_RTP
!
ip nat inside source static 10.1.1.1 20.20.20.20 route-map SIP_NAT
Inbound and outbound calls via SIP should function correctly.
This entry was posted on November 21st, 2009 at 08:25:05 pm by admin and is filed under Cisco Unified Communications Manager Express, Cisco Unified Communications 500 Series, Call Control, Network Configuration.
Feedback awaiting moderation
This post has 544 feedbacks awaiting moderation...
Comment feed for this post