Equipment (Modems,Gateways)
Modems, Gateways, and Networking Devices
Male IT Specialist Holds Laptop and Discusses Work with Female Server Technician. They're Standing in Data Center, Rack Server Cabinet is Open.
Highlighted
New Member

SMCD3G-CCR configuring to use with VOIP with Polycom VX410 Phones

I have been working with a customer who moved to a new office to setup everything for them.  The voip phones are not working right they can call out however no one can call in.  I have been on the phone with Polycom guys yesterday at that time Comcast had sent the wrong router it was the Netgear one so they have hooked up another last night the SMCD3G-CCR which is supposed to be good and work with these phone and voip.  I have tried everything to get them to work and still cannot dial in.  I have made sure the firewall setting were correct on the router where those two check boxes were checked.  I also added port forwarding to port 5060 to the IP address of one of the phones then rebooted the phone and still nothing.  Polycom tech says that he cannot see the phone on his end.  Please help!  Can anyone tell me what I need to do to get these guys phones working correctly.  Thanks for any help that you can provide!

 

Tony

0 Kudos
3 REPLIES 3
Highlighted
Trusted Forum Contributor

Re: SMCD3G-CCR configuring to use with VOIP with Polycom VX410 Phones

Hello afurlani and welcome,

 

If you are not a Comcast VoiceEdge customer then it might be prudent for you to check out the Polycom User guide which may be able to provide you assistance. Most VOIP devices have a main VOIP server device that the SIP phones will access for VOIP internal and external telephony functionality. These VOIP devices must also have a static IP address to make sure that the VOIP phones can consistently access, as well. If you could provide us more detail of your overal network environment we could provide additional assistance.

 

Look forward to hearing from you.

0 Kudos
Highlighted
New Member

Re: SMCD3G-CCR configuring to use with VOIP with Polycom VX410 Phones

The Network is simple I just have the SMCD3G-CCr hooked up with the Polycom phones plugged into the router. I also have a Netgear Wireless router so that they could have wireless in the office. There are twp PC's and wireless printer very simple setup.  The IP address of the phone is 10.0.10.11.  The IP address of the Router is 10.1.10.1 which I can access with no issues.  DSCI sent me a document on the issue that is happening which is one way audio. I pasted that below if that helps at all.   I don't really understand this IP stuff.  Thanks for your help!  What other information do you need?

Tony

 

 

 

Configuration Notes

The following section has been documented to help the customer network administrator

facilitate the appropriate changes prior to an UCx demonstration or UCx deployment.

DSCI deploys the UCx product in such a way to reduce the amount of time a customer must

spend configuring their Security devices. Typically, a customer’s network is UCx ready if the

customer supports a security device (router or firewall) which performs basic NAT. General

network connectivity must be established prior to installing phones on the customer LAN. This

means that NAT/PAT should be functional and provide basic Internet browsing prior to installing

VoIP phones.

If a customer has locked down their network using IP Access Lists (ACL) or firewall policies, the

customer should verify the following ports are not restricted from making outbound connections

from the Customer’s LAN. The customer should not need to make any inbound allotments for

the proper functionality of the UCx product.

FTP.dsci-net.com

FTP TCP/20-21 outbound to host 204.11.148.130

Time.dsci-net.com

NTP TCP/123 outbound to host 204.11.148.0/24

SBC Charlestown Public

SIP TCP/5060 outbound to host 204.11.148.40

SIP UDP/5060 outbound to host 204.11.148.40

RTP UDP/60000-65535 to host 204.11.148.40

SBC Waltham Public

SIP TCP/5060 outbound to host 209.104.247.240

SIP UDP/5060 outbound to host 209.104.247.240

RTP UDP/60000-65535 to host 209.104.247.240

EWS1.dsci-net.com

HTTP TCP/80 outbound to 204.11.148.10

HTTPS TCP/443 outbound to 204.11.148.10

FTP TCP/20-21 outbound to 204.11.148.10

EWS2.dsci-net.com

HTTP TCP/80 outbound to 204.11.148.137

HTTPS TCP/443 outbound to 204.11.148.137

FTP TCP/20-21 outbound to 204.11.148.137

EWS3.dsci-net.com

HTTP TCP/80 outbound to 76.191.38.20

HTTPS TCP/443 outbound to 76.191.38.20

FTP TCP/20-21 outbound to 76.191.38.20

EWS4.dsci-net.com

HTTP TCP/80 outbound to 204.14.67.26

HTTPS TCP/443 outbound to 204.14.67.26

FTP TCP/20-21 outbound to 204.14.67.26

BroadCloud UC-One

XMPP TCP/5222 outbound to dscicorp.bc.im (currently 128.177.36.238)

XMPP TCP/1081 outbound to dscicorp.bc.im (currently 128.177.36.238)

HTTPS TCP/443 outbound to webmeet.dscicorp.com (currently 72.44.196.198)

CounterPath Bria

HTTP TCP/80 outbound to bria.dsci-net.com (currently 209.104.229.128)

HTTPS TCP/443 outbound to secure.counterpath.com (currently 64.34.98.132)

Manufacturers are adding features to their security devices which alter VoIP traffic as it

traverses the firewall. These devices attempt to mask the internal IP information required by the

ACME Packet to properly communicate with the UCx phone. For this reason, it is required to

disable all VoIP Application awareness features configurable on the firewall. Failure to do so

will cause one way audio issues and call route failures.

Cisco PIX Firewalls

Cisco’s Fixup performs application layer modifications which are not desirable for DSCI’s VoIP.

There are two global Fixup commands which must be disabled to allow the SIP protocol to

traverse the security device unchanged.

All other commands, to include session timers, should be left at their default. Administrators

should note that if a “clear xlate” is performed, UCx phones will cease to function correctly, until

they are rebooted or the phones re-register.

Config t

no fixup protocol sip 5060

no fixup protocol sip udp 5060

Cisco ASA Firewalls

Like Cisco’s PIX Firewall, the ASA version needs to have SIP ALG services disabled.

To determine whether the Cisco PIX or Cisco ASA security appliance is configured to support

inspection of sip packets, log in to the device and issue the CLI command show service-policy |

include sip. If the output contains the text Inspect: sip and some statistics, then the device has

SIP inspection enabled. The following example shows a Cisco ASA with SIP inspection

enabled:

asa#show service-policy | include sip

Inspect: sip, packet 123612, drop 23, reset-drop 0

Config t

policy-map global_policy

class inspection_default

no inspect sip

Cisco IOS Routers (Using NAT/PAT)

It is recommended that IP Reflexive ACLs are enabled to ensure valid two-way communication

is not restricted. Reflexive ACLs will allow dynamic port mappings for SIP and RTP to occur

when using PAT.

Newer IOSs have a NAT Service which performs packet modification much like fixup for Cisco

Firewalls which needs to be disabled. Administrators should note that if a “clear ip nat

translation *” is performed, UCx phones will cease to function correctly, until they are rebooted

or re-register.

Config t

No ip nat service sip udp port 5060

IP Inspect is part of Cisco’s Firewall feature set and is not supported.

Adtran Total Access (Using NAT/PAT)

Adtran routers which have “ip firewall” enabled should have the following two global

configuration entries disabled

Config t

no ip firewall alg h323

no ip firewall alg sip

Juniper Netscreen 5-GT

The Netscreens have a Denial of Service (DoS) feature for UDP traffic which should be

disabled. If this feature triggers, VoIP traffic will be blocked, causing call termination. Netscreen

v5.3.0r1.0 (Firewall+VPN) was tested and certified by DSCI as a supported Security Device.

Security Mode: trust-untrust

ALG SIP: DISABLED

UDP Flood Protection: DISABLED

SonicWall SonicOS

The following SonicWall settings should be set to allow for UCx Phones to properly

communicate through the firewall.

Enable Consistent NAT: DISABLED

Enable SIP Transformations: DISABLED

Enable H.323 Transformations: DISABLED

FortiGate Firewalls

The following FortiGate Firewall Session Helper must be removed to disable the firewall’s ability

to manipulate SIP traffic.

show sys session-helper

#find the SIP helper ID #

config sys session-help

#delete #

end

More hardware configuration notes will be added as additional equipment is certified.

 

0 Kudos
Highlighted
Trusted Forum Contributor

Re: SMCD3G-CCR configuring to use with VOIP with Polycom VX410 Phones

Hi Tony,

 

Please see my comments below. Thanks much.

 

 

 

The Network is simple I just have the SMCD3G-CCr hooked up with the Polycom phones plugged into the router. I also have a Netgear Wireless router so that they could have wireless in the office. There are twp PC's and wireless printer very simple setup. 

 

Does this NetGear Wireless Router directly support VOIP? If it does, then you will need to conect NetGear for the VOIP configuration settings. If it does not support VOIP, then you will need check out this link and contact the VoiceEdge folks to see if this service is for you. If the Comcast VoiceEdge service is not for you, then you need to use this site to obtain Polycom support. Generally speaking about VOIP, the way it works is you must have some type of VOIP Server-like device that you VOIP phones interconnect with via a static IP address. When a VOIP phone want to initiate a call, it send an Enet packet with a SIP embedded subpacket that performs the overall VOIP call handling functionality. VOIP phones do not just plug into any wireless router without that device having VOIP server support.  You VOIP phones must be registered within the VOIP server for them to work directionally at all. Most VOIP companies have dedicated virtual PBX capability that handles all external call processing.

 

 

The IP address of the phone is 10.0.10.11.  The IP address of the Router is 10.1.10.1 which I can access with no issues.  DSCI sent me a document on the issue that is happening which is one way audio. I pasted that below if that helps at all.   I don't really understand this IP stuff.  Thanks for your help!  What other information do you need?

Tony

 

Honestly, I would recommend that you contact the Comcast VoiceEdge group to see if what they have to offer if for you.  http://business.comcast.com/VoiceEdge‎ (888) 751-9584

0 Kudos