Reply
Topic Options
Frequent Advisor
Samael
0

A little bit bug with CMAD and VPN

Options

‎02-07-2012 08:48 AM

We're using Cicso AnyConnect to connect our road warriors to company infrastructure. One of it - CMAD.

Idea is not creating a full VPN tunnel, just add an one more IP + some routes to different subnets. Dialling internally via Address Book or E.164 numbers works perfectly. But dialing outside to world fails. Due to CMA GK log it fails with something like:

============================ <02:07:12 17:26:15> ============================
ARQ Received
    'requestSeqNum'  49850
    'callType'  14495
        'pointToPoint'  0
    'callModel'  9638
        'gatekeeperRouted'  0
    'endpointIdentifier'  8  '98428598'
    'destCallSignalAddress'  11343
        'ipAddress'  -111
            'ip'  4  '140.242.250.203'
            'port'  1720
    'srcInfo'  2
        '1'  10219
            'h323-ID'  14  'UserCMADesktop'
        '2'  8635
            'e164'  3  '604'
    'srcCallSignalAddress'  11343
        'ipAddress'  -111
            'ip'  4  '192.168.0.15'
            'port'  1720
    'bandWidth'  38400
    'callReferenceValue'  24274
    'conferenceID'  16  '54 BF E7 FE 44 05 00 1F 32 72 C3 40 79 BE 1F 6D '
    'activeMC'  0
    'answerCall'  0
    'canMapAlias'  1
    'callIdentifier'  -111
        'guid'  16  '6B B4 E7 FE 44 05 00 1F 32 72 C3 40 79 BE 1F 6D '
    'gatekeeperIdentifier'  7  'PN:PLCM'
    'willSupplyUUIEs'  0
    'canMapSrcAlias'  1
    Process ARQ
    HRAS hsRas 0xdb72974, HCALL hsCall 0xc560d14, HAPPCALL haCall 0x10002da
    Source of Msg is 10.10.28.17:1719    ARQ from Originator
    CallType is 0
    DestCallSignal is 140.242.250.203:1720
    SrcInfo[0] = IgorCMADesktop
    SrcInfo[1] = 604
    Total Bandwidth is 3840000 : per side BW is 1920000
    ConferenceID is 54bfe7fe-4405-001f-3272-c34079be1f6d
    CallID is 6bb4e7fe-4405-001f-3272-c34079be1f6d    ActiveMC is 0
    CallReferenceValue is 0x5ed2
Processing ARQ    Processing Dialrule: Name 'Unknown' Type 'Unknown'
    **Error**: ARJ sent. Cannot resolve address. The reason is Location Not Found.
Sending ARJ
    'rejectReason'  0
        'requestDenied'  0
    'genericData'  -555
        '1'  0
            'id'  0
                'oid'  11  '01 03 06 01 04 01 36 3D 03 00 01 '
            'parameters'  2
                '1'  -555
                    'id'  -555
                        'standard'  1
                    'content'  -555
                        'number32'  173
                '2'  -555
                    'id'  -555
                        'standard'  2
                    'content'  -555
                        'raw'  21  'Cannot find location.'

 CMAD sends not VPN address interface, but Local IP

 

    'srcCallSignalAddress'  11343
        'ipAddress'  -111
            'ip'  4  '192.168.0.15'
            'port'  1720

10.10.0.0 - Is Local company IP's and added to internal Site, that able to get into world. From local network of full VPN tunnel all works OK.

On PVX I was able to set, which network interface is used, but not on CMAD

 

Win XP SP3, CMAD 5.2.2, CMA 6.0.1

Report Inappropriate Content
Message 1 of 3 (479 Views)
 
Reply
Polycom Employee simons
Polycom Employee
simons
0

Re: A little bit bug with CMAD and VPN

[ Edited ]
Options

‎02-07-2012 09:32 AM - edited ‎02-07-2012 09:33 AM

Samael,

 

I would make sure your site topology includes these remote users as the CMA does not have the routing concept of private VPN tunnels. To the CMA, these are just part of the internal network. Therefore, I would make sure the 192 and 10 network subnets were added to a site in your CMA site topology. This will make sure the endpoints are not in the Internet/VPN site which wierd stuff has known to happen.

 

The next thing is to check your dial plans to make sure the one with the IP address is enabled. See my screenshot as an example.

 

S.

Attachment Capture2.JPG ‏36 KB
Report Inappropriate Content
Message 2 of 3 (478 Views)
 
Reply
Frequent Advisor
Samael
0

Re: A little bit bug with CMAD and VPN

Options

‎02-07-2012 10:03 AM

Yes, for CMA it showns like in internal network. Dial plan is the same.

Means when I dial from VPNned CMAD to internal network, it shows srcIp, like internal (VPN adapter)

============================ <02:07:12 17:29:04> ============================
ARQ Received
    'requestSeqNum'  49852
    'callType'  14495
        'pointToPoint'  0
    'callModel'  9638
        'gatekeeperRouted'  0
    'endpointIdentifier'  8  '98428598'
    'destinationInfo'  1
        '1'  8635
            'e164'  7  '6555407'
    'srcInfo'  2
        '1'  10219
            'h323-ID'  14  'UserCMADesktop'
        '2'  8635
            'e164'  3  '604'
    'srcCallSignalAddress'  11343
        'ipAddress'  -111
            'ip'  4  '10.10.28.17'
            'port'  1720
    'bandWidth'  38400
    'callReferenceValue'  24275
    'conferenceID'  16  '05 11 4D 4A 6C 05 00 1F 32 72 C3 40 79 BE 1F 6D '
    'activeMC'  0
    'answerCall'  0
    'canMapAlias'  1
    'callIdentifier'  -111
        'guid'  16  '04 05 4D 4A 6C 05 00 1F 32 72 C3 40 79 BE 1F 6D '
    'gatekeeperIdentifier'  7  'PN:PLCM'
    'willSupplyUUIEs'  0
    'canMapSrcAlias'  1
    Process ARQ
    HRAS hsRas 0xdb71214, HCALL hsCall 0xc561104, HAPPCALL haCall 0x10002db
    Source of Msg is 10.10.28.17:1719    ARQ from Originator
    CallType is 0
    DestInfo[0] = 6555407
    DestCallSignal is 0.0.0.0:0
    SrcInfo[0] = IgorCMADesktop
    SrcInfo[1] = 604
    Total Bandwidth is 3840000 : per side BW is 1920000
    ConferenceID is 05114d4a-6c05-001f-3272-c34079be1f6d
    CallID is 04054d4a-6c05-001f-3272-c34079be1f6d    ActiveMC is 0
    CallReferenceValue is 0x5ed3
Processing ARQ    Processing Dialrule: Name 'Alias' Type 'LocalDS'
    Add CallSignal Address List to Resolve Address List
        TransportAddress: 10.10.28.16:1720 type 0 'IP' distribution 2 'Unknown' length 0
    Resolved 6555407 to a list of possibles contacts.
    ParseListResolvedAddress(): OUTPUT Individual: String is 6555407, Endpoint's IP is 10.10.28.16
        FindNetPath(): 1920000 requested per side
        FindNetPath(): IP path found. Acquired Per Side BW = Requested Per Side BW = 1920000
    Local BW Approved
    No server : Going with Local BW Approved
    Setup Info: TO: 10.10.28.16:1720   VIA: 10.10.28.16:1720   Per side BW: 1920000
ACF sent. The source is Originator
Sending ACF
    'requestSeqNum'  49852
    'bandWidth'  38400
    'callModel'  0
        'gatekeeperRouted'  0
    'destCallSignalAddress'  0
        'ipAddress'  0
            'ip'  4  '10.10.21.6'
            'port'  1720
    'destinationInfo'  0
        '1'  0
            'e164'  7  '6555407'
    'destinationType'  0
        'gateway'  0
        'mc'  0
        'undefinedNode'  0
    'willRespondToIRR'  0
    'uuiesRequested'  0
        'setup'  0
        'callProceeding'  0
        'connect'  0
        'alerting'  0
        'information'  0
        'releaseComplete'  0
        'facility'  0
        'progress'  0
        'empty'  0
        'status'  0
        'statusInquiry'  0
        'setupAcknowledge'  0
        'notify'  0

 but, when routed not via e164, but IP address, it shows not VPN adapter address, but local LAN.

Problem not in CMA, but in CMAD.

Report Inappropriate Content
Message 3 of 3 (474 Views)
 
Reply