如何在局域网中运行 SIP 电话(NAT 重载到单个 IP)?

网络工程 思科 纳特 思科-ios
2022-02-28 13:09:55

我们有一个连接到 DSL 调制解调器的小型办公室网络交换机,用于互联网和电话访问。现在我们要将网络扩展到同一建筑物中的另一个位置,我为其部署了 cisco 1841 路由器。

以前的拓扑:

Internet --- DSL Modem --- Office LAN Switch (L2) (192.168.1.0/24) --- SIP Phone

新拓扑:

Internet --- DSL Modem --- Office LAN Switch (L2) (192.168.1.0/24) --- cisco 1841 --- Branch Lan Switch (L2)(192.168.0.0/24) --- SIP Phone

SIP 电话在服务提供商处连接到云 PBX,并且在之前的配置中它们可以正常工作。

现在在第二种配置中;虽然我们在分行可以上网;我的 SIP 电话有问题!!

在这个路由器中,我配置了一个 NAT 过载。你能告诉我我该怎么做才能让 SIP 电话正常工作吗?

您可以在下面找到 cisco 1841 的配置和 IP NAT SIP 调试。

version 12.4
!
boot-start-marker
boot-end-marker
!
!
resource policy
!
clock timezone GMT 3
ip cef
!
!
no ip dhcp use vrf connected
!
ip dhcp pool MAIN-POOL
   network 192.168.0.0 255.255.255.0
   domain-name mycomp.local
   default-router 192.168.0.1 
   dns-server 192.168.0.1 
!
!
ip domain name mycomp.com
ip name-server 8.8.8.8
ip name-server 8.8.4.4
!
!
!
interface FastEthernet0/0
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
 no mop enabled
!
interface FastEthernet0/1
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
ip route 0.0.0.0 0.0.0.0 192.168.1.1
!
ip dns server
ip nat inside source list 50 interface FastEthernet0/1 overload
!
access-list 50 permit 192.168.0.0 0.0.0.255
!
!
control-plane
!
!

调试 ip nat sip:

Nov  6 07:02:35.678: NAT: SIP: [0] processing unrecognized message
Nov  6 07:02:45.385: NAT: SIP: [0] processing INVITE message
Nov  6 07:02:45.385: NAT: SIP: [0] translated embedded address 192.168.0.14->192.168.1.51
Nov  6 07:02:45.385: NAT: SIP: [0] translate embedded port 5062->1029
Nov  6 07:02:45.385: NAT: SIP: [0] register:0 door_created:1
Nov  6 07:02:45.385: NAT: SIP: Contact header found
Nov  6 07:02:45.385: NAT: SIP: Trying to find expires parameter
Nov  6 07:02:45.385: NAT: SIP: [0] translated embedded address 192.168.0.14->192.168.1.51
Nov  6 07:02:45.385: NAT: SIP: [0] translate embedded port 5062->1029
Nov  6 07:02:45.385: NAT: SIP: [0] register:0 door_created:1
Nov  6 07:02:45.385: NAT: SIP: [0] register:0 door_created:0
Nov  6 07:02:45.385: NAT: SIP: [0] message body found
Nov  6 07:02:45.389: NAT: SIP: Media Lines present:1
Nov  6 07:02:45.389: NAT: SIP: old_sdp_len:306 new_sdp_len :327
Nov  6 07:02:45.421: NAT: SIP: [1] processing SIP/2.0 401 Unauthorized message
Nov  6 07:02:45.421: NAT: SIP: [1] translated embedded address 192.168.1.51->192.168.0.14
Nov  6 07:02:45.421: NAT: SIP: [1] translate embedded port 1029->5062
Nov  6 07:02:45.421: NAT: SIP: [1] register:0 door_created:1
Nov  6 07:02:45.421: NAT: SIP: [1] register:0 door_created:0
Nov  6 07:02:45.433: NAT: SIP: [0] processing ACK message
Nov  6 07:02:45.433: NAT: SIP: [0] translated embedded address 192.168.0.14->192.168.1.51
Nov  6 07:02:45.433: NAT: SIP: [0] translate embedded port 5062->1029
Nov  6 07:02:45.433: NAT: SIP: [0] register:0 door_created:1
Nov  6 07:02:45.525: NAT: SIP: [0] processing INVITE message
Nov  6 07:02:45.525: NAT: SIP: [0] translated embedded address 192.168.0.14->192.168.1.51
Nov  6 07:02:45.525: NAT: SIP: [0] translate embedded port 5062->1029
Nov  6 07:02:45.525: NAT: SIP: [0] register:0 door_created:1
Nov  6 07:02:45.525: NAT: SIP: Contact header found
Nov  6 07:02:45.525: NAT: SIP: Trying to find expires parameter
Nov  6 07:02:45.525: NAT: SIP: [0] translated embedded address 192.168.0.14->192.168.1.51
Nov  6 07:02:45.525: NAT: SIP: [0] translate embedded port 5062->1029
Nov  6 07:02:45.525: NAT: SIP: [0] register:0 door_created:1
Nov  6 07:02:45.525: NAT: SIP: [0] register:0 door_created:0
Nov  6 07:02:45.525: NAT: SIP: [0] message body found
Nov  6 07:02:45.525: NAT: SIP: Media Lines present:1
Nov  6 07:02:45.529: NAT: SIP: old_sdp_len:306 new_sdp_len :327
Nov  6 07:02:45.557: NAT: SIP: [1] processing SIP/2.0 100 Trying message
Nov  6 07:02:45.557: NAT: SIP: [1] translated embedded address 192.168.1.51->192.168.0.14
Nov  6 07:02:45.557: NAT: SIP: [1] translate embedded port 1029->5062
Nov  6 07:02:45.557: NAT: SIP: [1] register:0 door_created:1
Nov  6 07:02:45.557: NAT: SIP: [1] register:0 door_created:0
Nov  6 07:02:45.801: NAT: SIP: [1] processing SIP/2.0 403 Remote is disconnected (last code: 400) message
Nov  6 07:02:45.801: NAT: SIP: [1] translated embedded address 192.168.1.51->192.168.0.14
Nov  6 07:02:45.805: NAT: SIP: [1] translate embedded port 1029->5062
Nov  6 07:02:45.805: NAT: SIP: [1] register:0 door_created:1
Nov  6 07:02:45.805: NAT: SIP: [1] register:0 door_created:0
Nov  6 07:02:45.813: NAT: SIP: [0] processing ACK message
Nov  6 07:02:45.813: NAT: SIP: [0] translated embedded address 192.168.0.14->192.168.1.51
Nov  6 07:02:45.813: NAT: SIP: [0] translate embedded port 5062->1029
Nov  6 07:02:45.813: NAT: SIP: [0] register:0 door_created:1
Nov  6 07:02:47.677: NAT: SIP: [0] processing unrecognized message
Nov  6 07:02:56.616: NAT: SIP: [0] processing unrecognized message
Nov  6 07:03:05.680: NAT: SIP: [0] processing unrecognized message
Nov  6 07:03:06.431: NAT: SIP: [0] processing unrecognized message
1个回答

我已经解决了这个问题。

看来,默认SIP ALG情况ON下,当我禁用时SIP ALGVoIP客户端开始正常工作:

enable
configure terminal
no ip nat service sip udp port 5060
no ip nat service sip tcp port 5060
其它你可能感兴趣的问题
上一篇使用 VLAN 和 MAC auth 进行网络分段:关于实现的思考 下一篇交换机问题:没有环路,没有损坏的端口,那又怎样?