07-12-2010 11:04 PM
I need to do source & destination nat for Avaya voip.
We are using a cluster of SSG-140 and using role-based nat.
When I do a capture I see H.225.0 RAS RegistrationConfirm message with the IP of the PBX but it's the original IP and not the natted IP.
I guess this is the problem as the phone receives this message but doesn't responds to it.
I already disabled the ALG for H323, changed some settings for the H.323 ALG but no change.
Has anybody an idea how to get this solved?
07-13-2010 04:17 AM
If you create a permit policy to the phone ip address and turn on logging the log will name any alg that is applied to the traffic. This will let you know if processing by one of the alg is indeed the issue and which one to turn off.
You could also try putting the application type on that policy to "ignore" instead of the default "none". This turns off processing of all alg for that traffic. But if you need the alg to apply then it won't work.
Senior IP Engineer - DQE Communications Pittsburgh, PA
JNCIA-ER JNCIA-EX JNCIS-SEC JNCIP-SEC JNCSP-SEC
JNCDA JNCDS-DC JNCDS-SEC
ACE PanOS 6