would someone please verify my following Cisco SCCP VOIP setup looks valid?
My network topology:
<network-A> --- Checkpoint NGX R65 --- <network-B>
Users in network-A will use Cisco softphone.
Two Cisco Call Managers, and other softphone/hardphone users in network-B.
I create VOIP domain object:
voip-domain-1 (endpoint domain = grp-network-A-and-B, voip installed
= cisco-ccm-server1)
voip-domain-2 (endpoint domain = grp-network-A-and-B, voip installed
= cisco-ccm-server2)
Then, I have these rules setup:
Src=network-A // Dst=cisco-ccm-server1, cisco-ccm-server2 // Srv =
tftp # softphone initial setup
Src=network-A // Dst=voip-domain-1, voip-domain-2 // Srv=SCCP
Src=voip-domain-1, voip-domain-2 // Dst=network-A // Srv=SCCP
Things are working. I can call from network-A to phone in network-B,
and also work in another direction. But, the strange thing is
periodically I see some firewall log drop entries indicating some RTP
traffic between phone-A to phone-B is dropped. It doesn't happen
often, but it happens from time to time and can be from phone-A or
from phone-B during a phone conversation. But again, the phone call
is making through and both parties can hear and talk to each other.
Is my above configuration looks good? Any ideas why I would see some
RTP traffic dropped?
FYI, I am running Secure Platform 26, which I suppose it included the
latest HFA-2 already.
Thanks.
-raymond
Scanned by Check Point Total Security Gateway.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
