Cisco RV120W PPTP astronomers source IP address

I have a VoIP application that I am trying to run over the PPTP VPN tunnel on a router RV120W.

The system is a NEC SV8100 PBX communicate with the phone software NEC (sp310).  The system uses SIP to set up the call and for any other information signs.  It uses RTP to transmit/receive audio stream.

The problem I have is that there is no stream audio to the phone.  SIP communication and streaming audio to the phone works fine.  The symptom is: telephony, the remote side cannot hear you, but you can hear them.

I did a trace of the RV120W package and found the following:

No. Time Source Dest. Protocol Info
948

9.358957

192.168.1.252

192.168.1.52

 RTP

PT = ITU G.711 PCMU, SSRC = 0x7F1621CA, Seq = 14361, time is 779040
949

9.359530

192.168.1.1

192.168.1.252

 RTP

PT = ITU G.711 PCMU, SSRC = 0xE943F2E7, Seq = 19090, time is 3940936556
RTP

192.168.1.252-ONLINE NEC PBX

192.168.1.52 => soft phone connected via PPTP

192.168.1.1-ONLINE RV120W

As you can see, the IP Source address differs from that of its origin 192.168.1.52 to 192.168.1.1.  PBX NEC expects the package to come from the softphone, (192.168.1.52) not the RV120W (192.168.1.1).  As a result, it ignores the RTP for telephony package and do not relay it to the remote side.

Is there a reason why the RV120W running NAT on PPTP packets?  Can it be turned off somehow?

All ideas will be useful.

Thank you!

--

Joe Ripley

Choose RV220 is the option.

Tags: Cisco Support

Similar Questions

  • Source IP address of the originating call to sip trunk

    I'm unable to set address ip source from trunk sip call. I read somewhere that the source ip address of the call must be the ip address that call device registered to. I also checked "run in all active nodes such as suggested by cisco. We have 3 Sub cluster and 1 pub however still call orgianate to a particular Sub.

    I also undergoes several changes i - e DP and list route but think not worked for me. Can someone help to sortout this problem?

    Let's say if your ip phone registered in sub - and "run on all nodes" enabled, then the source ip address is always sup - A s ip address regardless of the device pool config on the sip trunk.

    Could please explain you the device pool config in phones IP & SIP trunk?

    you have enabled the "run on all nodes" for a list of course also?

    Suresh

    Please note all useful messages.

  • Cisco RV120W settings VLAN

    Hey,.

    I have problems to configure my router vpn cisco RV120w.

    I' soul a new network installation. On port 1, my modem is connected to my provider ISS. Port 2 on an HP proliant SBS 2011 to connected. Port 3 on the same server for building specific applications. the 4th port I mede existing connection with the network.

    Everywone requires access to port 1 for internet and port 2, because it's the server active directory. Some people need also have access to the 3. Ditto for port 4.

    Belonging to a Vlan is configured like this:

    VLAN: Enable
    Create VLANs and assign the outgoing frame Type.

    Up to four new VLANS can be created. VLAN ID must be in the order (2.4094)

    Table of members of VLAN

    VLAN ID Description Inter routing VLAN Device management Port 1 2 port Port 3 Port 4
    1 By default Activated Activated Not tagged Not tagged Not tagged Not tagged
    2 SBS2011 Activated Activated The tag The tag The tag The tag
    3 SBS2011B People with disabilities Activated The tag The tag The tag The tag
    4 Interdio People with disabilities People with disabilities The tag The tag The tag The tag
    1 - 4 of 4

    Several subnets VLAN

    Table of multiple subnet VLANS

    VLAN ID IP address Subnet mask DHCP mode Status of DNS Proxy
    1 192.9.212.1 255.255.255.0 DHCP no Activated
    2 192.9.222.1 255.255.255.0 DHCP relay Activated
    3 192.9.232.1 255.255.255.0 DHCP no Activated
    4 192.168.124.1 255.255.255.0 DHCP no Activated

    Can anywone help my to configure this correct.

    Thank you

    To get the LAN communication to work a few things look like they need a change.

    Port 1 must be untagged vlan 1

    2 port should be untagged vlan 2

    Port 3 should be untagged vlan 3

    Port 4 is expected to be untagged vlan 4

    In addition, routing inter - vlan must be activated for your vlan 3 and vlan 4.

    -Tom
    Please evaluate the useful messages

  • Problems with HP Photosmart C4380 wireless via a router from Cisco RV120W

    We recently purchased a Cisco RV120W wireless router and now we can´t connect our wireless Photosmart C4380 printer.

    During the installation process, we get the message: "the can´t computer communicate with the printer on 192.168.0.216. It can be caused by firewallproblems. Check that the 427 UDP port are not blocked in and out of traffic"(translated from Danish).

    If I remove the USB cable and try again, the installation continues and Announces: 'printer found – connected to the LAN' - but in the end: "Printer installation is not complete" - aurgh!

    The report-network printer looks OK all the way.

    Can someone help us we are frustrated.

    Greetings Jens Ove and Helge

    Sorry, but I'm not familiar with this device.  However, I would search in the areas of networks, VPN and security.

    You want to be sure of not having active VPN and also look for implementing isolation.

    This manual can help: http://www.cisco.com/en/US/docs/routers/csbr/rv120w/administration/guide/rv120w_admin.pdf

  • How to find the source IP address of open session with VC

    I gave only a single journal id for all users in my virtual environment. They all use the same ID for their own use. My question is how do I know the source IP address of the active\idle open session with VC?

    VC Server - version 4.0 - 208111
    vSphere Client - 4.0 build-208111
    Servers ESX - 3.5 build-238493

    Thank you

    Ganesh

    Take a look at the thread below, it might be useful

    vCenter session - find origin of connection

  • Tecra A10 with wrong source IP address ping responses

    Hello!

    I have problems with my network connection.

    After installing Win7 pro answers tecra A10 ping on the lan with 192.168.0.239 port, but he 192.168.211.36 the DHCP server.
    In Wireshark on tecra A10 I don't see demand for IGMP but no answer.

    On the other PC the answer comes a false IP (and of course a wrong MAC).
    If I disconnect the lan cable a stop responses.
    If I boot in Linux, everything's fine.

    So what software changes IP address?
    I see no answer in wireshark, I think it might be something around the network card.
    Internet is OK, but I can't do any remote.

    Someone at - it an idea?

    If your problem is the remote control only, right?

    If I understand right you don t use original Toshiba recovery image so no one here Don t know exactly what have you installed and you do exactly.
    If your LAN/WLAN card working properly and you can connect to your router, this proves that there is no hardware problem.

    Have you tried the same thing with the original preinstalled recovery image?

  • SFR - no policy of the 'rate of bandwidth limit' based on the source IP address

    Hello security experts.

    I can't find the policy of depending on source IP bandwidth rate limiting or a device of the type (in the case of mobile devices android or apple) on SFR because it was easily configurable with the CX on ASA5515-X module.

    Anyone know if I can put it on Firesight and SFR sensor ASA5515-X?

    Thanks in advance.

    Kind regards

    Remi

    Remi,

    Unfortunately the limit speed of bandwidth / traffic shaping is not currently available for devices of firepower.

    You can speak to your sales representative to discuss the future roadmap of the produ

    CT in more detail.

    The function is in the road map and will come with the future software release 6.X.

    Best regards

    Veronika

  • Cisco AnyConnect - same as LAN IP address?

    I'm trying to see if it can be done... I know that the best practice is to give clients VPN IP address on a different subnet to the interfaces of the SAA, but in my current situation, I need that they have the same addresses to the company LAN. We have a lot already VPN client to a router to corporate headquarters, where evolution ACL on each tunnel to accommodate the AnyConnect customer isn't an option. I need to find a way that AnyConnect client can connect to our remote access firewall, but still allow traffic through existing VPN Client tunnels, without changing the existing VPN client configurations. A diagram could explain it's better (see below).

    Hi John

    Yes, this can be done. I've done this plenty of time using AnyConnect.

    You can even tell the ASA to allocate IP addresses to clients AnyConnect using your main network or DHCP servers.

    You will need create NAT on the SAA exclusion rules so that this traffic is not natd(8) and also add routes on the SAA for remote subnets you want to be able to communicate with.

    HTH

    Barry Hesk
    Intrinsic network solutions

  • vSphere syslog from the wrong source IP address

    I enabled syslog on my pointing my syslog server esx servers. My syslog server has an access list on who can send so I have allowed the whole vsphere management IP address space. For some reason any 2 boxes send the syslog via the network IPs vmotion. The syslog server to sit in one of these segments.

    anyone see the problem?

    I did not the old reboot again.

    Can you please share some details on the host network configuration, i.e. addresses IP, subnet masks, default gateway. Given that the host can be that a single default gateway the vMotion network should not even able to reach the syslog server in another subnet (except that you have configured static routes).

    VMkernel (vmkX) ports are configured for the management and vMotion?

    André

  • MRM - 'monitor source address is not configured "?

    Greetings,

    I try to use MRM, but the "manager" doesn't seem to know its source, despite the research address as it does.

    I tried several source interfaces.

    Mrm - ip TEST Manager

    Serial0/0.1 225.0.0.1 Workgroup Manager

    senders 1

    2 receptors

    -----------------------------------------

    R3 #sh ip mrm manager TEST

    Manager:test/1.0.0.1 is not running

    Beacon interval/holdtime / ttl:60/86400/32

    Group: 225.0.0.1, UDP port test-package/status-report: 16384 / 65535

    Test mailers:

    5.5.5.5

    Receivers of tests:

    1.1.1.1

    -----------------------------------------

    R3 #mrm TEST start

    Source monitor address is not configured

    -----------------------------------------

    ???!!!! Another interface (loopback)

    -----------------------------------------

    R3 #sh ip mrm manager TEST

    Manager:test/3.3.3.3 is not running

    Beacon interval/holdtime / ttl:5/86400/32

    Group: 239.0.0.1, UDP port test-package/status-report: 50000 / 50001

    Test mailers:

    5.5.5.5

    Receivers of tests:

    1.1.1.1

    R3 #mrm TEST start

    Source monitor address is not configured

    -----------------------------------------

    I tried this on various 3640 s running enterprise 12.3 and a 12.2 (32) running of 2500. All have the same result.

    You missed this command, I think.

    "R1(config-mrm-manager) # 2 sender-list of recipients 1.

    While the Cisco IOS CLI parser accepts the command entered without the pair of keywords-argument access-list-list of senders, this pair of keyword-argument is not optional. For a test MRM work, you must specify the sources that the Test receiver should monitor using the sender-list of keyword argument and access list.

    This should solve the problem.

    HTH-Cheers,

    Swaroop

    ========================================

    ]

    R1 #sh ip mrm in

    R1 #sh ip interface of mrm

    State of the address of the interface Mode

    FastEthernet0/0 10.1.1.1 - receiver to Test upward

    R1 #mrm TEST1?

    start the start IP MRM test

    stop the test to stop IP MRM

    R1 #mrm TEST1 beginning

    R1 #mrm TEST1 beginning

    R1 #.

    R1 #.

    R1 #sh

    00:06:23: test of IP MRM 'TEST1' begins...

    % Of type 'show?' for a list of subcommands

    R1 #.

    R1 #.

    R1 #.

    R1 #sh ip Manager mrm

    Manager:Test1/10.1.2.1 is running, expiration: 1d00h

    Beacon interval/holdtime / ttl:60/86400/32

    Group: 239.1.1.1, UDP port test-package/status-report: 16384 / 65535

    Test mailers:

    10.1.1.2 n - Ack

    Receivers of tests:

    10.1.2.2 n - Ack

    R1 #sh ip Manager mrm

    Manager:Test1/10.1.2.1 is running, expiration: 1d00h

    Beacon interval/holdtime / ttl:60/86400/32

    Group: 239.1.1.1, UDP port test-package/status-report: 16384 / 65535

    Test mailers:

    10.1.1.2 n - Ack

    Receivers of tests:

    10.1.2.2 n - Ack

    R1 #.

    !

    Manager of mrm IP TEST1

    Manager group 239.1.1.1 FastEthernet1/0

    senders 1

    receivers 2-list 1

    !

    access-list 1 permit 10.1.1.2

    access-list 2 allow 10.1.2.2

    !

    !

    R1 #sh cdp nei

    Ability code: R - router, T - bridge Trans, B - road Source bridge

    S - switch, H - host, I - IGMP, r - Repeater

    Device ID Local Intrfce Holdtme Port platform capability ID

    R2 Fas 0/0 135 R 3620 Fas 0/0

    R3 Fas 1/0 172 R 3620 Fas 0/0

    R1 #.

    R1 #.

    R1 #sh ip int brie

    Interface IP-Address OK? Method status Prot

    Commissioner of official languages

    10.1.1.1 FastEthernet0/0 YES manual up up

    10.1.2.1 FastEthernet1/0 YES manual up up

    Loopback0 1.1.1.1 YES manual up up

    R1 #.

    ----------------------------

  • IP over different WAN, source routing ip range? [cisco 891]

    Hi all!

    Here I am again asking for help! :)

    Here's the goal: I want a set of computers to use a WAN and another using the other WAN based on the IP address range.

    I use a router cisco 891. Fastethernet0 is a WAN, GigabitEthernet8 is the other WAN and gigabitethernet 0 to 7 are 8 switch of the router ports.

    From now on, I have my two internet access works very well, each of them is connected to a WAN port on my router. I have no problem have all my computers using a WAN or the other, or even load balancing between them, but what I want is to fix some computers with internet access and the other computer to use other internet access.

    I don't know how to do this, I looked in the delivery by source IP address, but I don't really know how to do. I saw something on the basis of routing policy, but I can only apply these policies on incoming packets that I seem not to be able to apply these policies to one of the switch port of the router. I would need to use the WAN port to connect my incoming LAN in, but then I would not be enough WAN port for both of my internet connections.

    Internet gateway #1 is 172.26.2.254

    #2 connection gateway is 192.168.1.254

    Here is my current config:
    I understand why I have bad connection whith this config since it is load balancing between the road two default and send only one of my two wan according to the INVESTIGATION period, but I don't know what to do to say precilesy Beach, the beach of IP #2 and IP #1 to go go here.

     Cisco891(config)#do sh run Building configuration... Current configuration : 3833 bytes ! ! Last configuration change at 15:11:43 UTC Tue Oct 20 2015 by *********** ! NVRAM config last updated at 14:58:11 UTC Tue Oct 20 2015 by *************** ! NVRAM config last updated at 14:58:11 UTC Tue Oct 20 2015 by ************** version 15.3 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname Cisco891 ! boot-start-marker boot-end-marker ! aqm-register-fnf ! enable secret 5 ************************/ enable password ************************ ! no aaa new-model ! ! ! ! ! ! ! ip dhcp excluded-address 172.26.1.1 172.26.1.49 ip dhcp excluded-address 172.26.1.100 172.26.1.254 ip dhcp excluded-address 10.10.20.1 10.10.20.49 ip dhcp excluded-address 10.10.20.100 10.10.20.254 ! ip dhcp pool vlan1pool network 172.26.1.0 255.255.255.0 default-router 172.26.1.254 dns-server 208.67.222.222 208.67.220.220 ! ! ! ip domain name lnc360.fr ip name-server 208.67.222.222 ip name-server 208.67.220.220 ip cef no ipv6 cef ! ! ! ! ! multilink bundle-name authenticated ! ! ! ! ! ! ! license udi pid C891F-K9 sn ******************************* ! ! username ******************** privilege 15 secret ************************************* ! ! ! ! ! no ip ftp passive ip ssh time-out 60 ip ssh logging events ip ssh version 2 ! ! ! ! ! ! ! ! ! ! interface BRI0 no ip address encapsulation hdlc shutdown isdn termination multidrop ! interface FastEthernet0 ip address 192.168.1.1 255.255.255.0 ip nat outside ip virtual-reassembly in duplex auto speed auto ! interface GigabitEthernet0 switchport mode trunk no ip address ! interface GigabitEthernet1 switchport mode trunk no ip address ! interface GigabitEthernet2 switchport mode trunk no ip address ! interface GigabitEthernet3 switchport mode trunk no ip address ! interface GigabitEthernet4 switchport mode trunk no ip address ! interface GigabitEthernet5 switchport mode trunk no ip address ! interface GigabitEthernet6 switchport mode trunk no ip address ! interface GigabitEthernet7 switchport mode trunk no ip address ! interface GigabitEthernet8 ip address 172.26.2.10 255.255.255.0 ip nat outside ip virtual-reassembly in duplex auto speed auto ! interface Vlan1 ip address 172.26.1.254 255.255.255.0 ip nat inside ip virtual-reassembly in ! interface Vlan2 ip address 10.10.10.254 255.255.255.0 ip nat inside ip virtual-reassembly in ! interface Async3 no ip address encapsulation slip ! ip forward-protocol nd ip http server ip http authentication local no ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ! ! ip nat inside source list LAN_PCs interface GigabitEthernet8 overload ip nat inside source list LAN_servers interface FastEthernet0 overload ip route 0.0.0.0 0.0.0.0 172.26.2.254 ip route 0.0.0.0 0.0.0.0 192.168.1.254 ! ip access-list extended LAN_PCs deny ip 172.26.1.0 0.0.0.31 any deny ip 172.26.1.112 0.0.0.15 any deny ip 172.26.1.240 0.0.0.15 any permit ip 172.26.1.0 0.0.0.255 any ip access-list extended LAN_servers permit ip 10.10.10.0 0.0.0.255 any permit ip 172.26.1.0 0.0.0.31 any permit ip 172.26.1.112 0.0.0.15 any permit ip 172.26.1.240 0.0.0.15 any ! ! ! control-plane ! ! ! mgcp behavior rsip-range tgcp-only mgcp behavior comedia-role none mgcp behavior comedia-check-media-src disable mgcp behavior comedia-sdp-force disable ! mgcp profile default ! ! ! ! ! line con 0 no modem enable line aux 0 line 3 modem InOut speed 115200 flowcontrol hardware line vty 0 4 privilege level 15 password 7 ****************************************** login local transport input ssh transport output ssh line vty 5 15 password 7 *********************************************** login local transport input telnet transport output telnet ! scheduler allocate 20000 1000 ntp update-calendar ntp server 0.europe.pool.ntp.org ! end

    Thank you!

    Hello

    Apply the ACB on the SVI strategy ' sof the VLAN

    int vlan 1
    intellectual property policy map route ACB

    int vlan 2
    intellectual property policy map route ACB

    RES

    Paul

  • Cisco ASA 5510 - restrictions of VPN (AnyConnect) based on the AD user or IP address

    Hello

    I want to test how to restrict access user on an ASA 5510 AnyConnect. In politics, I can define what networks will go through the VPN tunnel and which not (split tunneling). The ASA has a LDAP connection and only AD users with a special security group can connect over AnyConnect.
    On the other hand I would like to restrict access for special users within a VPN policy.

    So my question:
    What are your recommendations to implement this szenario?

    My two ideas would be:
    1. the access rules based on the user of the AD.
    2. special reserve IP addresses in the pool of addresses AnyConnect for some users, so I can limit access to the normal firewall rules base based on the source IP address.

    What are your recommendations and is it possible to realize my ideas (and how)?

    Thanks in advance

    Best regards

    Hello

    I will suggest that you configure a second ad group in the server and another group strategy in the ASA, you can configure certain access on each group policy "the installer of the filters, assign different split political tunnel, different ACL' and in the ad server, you can assign users for example to the AD Group A and AD Group B based on the access you want to give them now , you must configure LDAP mapping to assign the user specific group policy that you want based on the AD group that they belong.

    You can follow this documentation that will help you configure the LDAP Mapping:

    http://www.Cisco.com/c/en/us/support/docs/security/ASA-5500-x-series-NEX...

    Best regards, please rate.

  • Wireless IP addresses appear as source on cable network address.

    If a computer is connected to a wireless network with a pattern of us IP address will tell 192.168.1.0/24 and also then connects to a wired network with a different IP address scheme we will say 192.168.2.0/24 will be the traffic on the cable network never marked with the source IP address of the wireless network card?  I have Wireshark showing packet capture happens in some cases and it eventually causes a large amount of reset TCP traffic.  I don't think that the system would put a package on the cable network IP of the network using wireless as a source address.  Is this normal or desired?

    If the cable network becomes available when the wireless network is enabled I guess that packages would continue to be sent wireless.  I do not understand that the local routing table may indicate that the cable network has the lowest metric, but then I would think the wireless session should be reset and the traffic should then be retransmitted via cable connection and therefore be labeled correctly the source IP address of the wired network adapter.

    What I see with Wireshark is a packet of "pursuit"data on the cable network with a source IP address of the wireless network card and a registered some IP destination IP address.  Given our network configuration, this package creates a loop of reset TCP between our content security filter and the internel default router that fills our path to the Internet.  This problem started about 2 months ago and so far, all the research I've done are facing a problem with the laptop and have to assume it's an OS problem.  I guess there are some changes to the operating system in the way it handles packets when the cable network comes back online.  I have to wonder "I just missed this before?  I was the administration of the network for years and I'm sure I would have noticed the effects of these representations.

    Any thoughts?

    Hello

    Your Windows XP question is more complex than what is generally answered in the Microsoft Answers forums. It is better suited for the Windows XP IT Pro on TechNet public. Please ask your question in the Forums Pro Windows XP IT.

  • IP address of the source system in monitoring SOA

    Hello

    I want to make a list of witnesses where all source IP addresses will be there who ever called my services to soa server.

    Is there any soa server log that allows to capture such data.

    I am using soa 11g.

    Thanks in advance

    Well,.

    It depends what endpoints of service for "monitor." If you want to only capture incoming requests to the HTTP binding, you can use the access.log soa_server1/logs folder in your domain record. If you have SST as reverse proxy, use the web server access history.

    HTH,

    A.

  • Thin client JDBC - IP source address

    I see the program in session $ v as JDBC Thin Client.  I need to know where the connections are coming from (source ip address).

    I reason to assume that the only way I'll be able to see who is not in the views v$ but traces of sqlnet server-side to activate?

    Thank you

    Jacqueline wrote:

    Hey, thanks for the replies. It is a database 10g running in a RAC 11g cluster.

    Yes this is level 3 - end user connects from browser to the Web site, site Web running java code (or maybe the browser activates a java applet, although I doubt that - I don't know the complete development environment) and connects to the db via jdbc client light.

    I see some server names, in v$ session.machine - probably that they are web servers, so maybe that's all I'm going to (same as IP really as they are internal servers)-as for the end user, I expect that they will have to use for this httpd logs

    Thanks a lot for helping me to focus on this

    If you wish / expect end user IP #, then the application MUST be modified & WEBSERVER must participate to get & send the IP # of the end-user; because the WEB server is the only device that is in direct contact with the end user.

Maybe you are looking for