>[оверквотинг удален]
>> access-list Metromax_Internet_access_in remark Allow ASTERISK from EXTERNAL
>> access-list Metromax_Internet_access_in extended permit ip any object ASTERISK_NAT
>> access-list Metromax_Internet_access_in extended permit udp any any range 10000 20000
>> object network ASTERISK_NAT
>> nat (any,Metromax_Internet) static interface service tcp 5060 6000
>> Теперь из интернета с адреса 81.200.111.9 регистрация на моем ASTERISK проходит, но
>> при звонке в обе стороны не слышно абонента на обоих концах.
>> Что надо и где прописать, чтобы был голос при звонке?
> Обычный NAT не поможет.
> Ищите в интернете по inspect sip & inspect rtsp.Я в policy-map global-policy в class global-class добавил inspect sip но результата нет.
class-map global-class
match default-inspection-traffic
class-map AIST_Internet-class_shape
match access-list AIST_Internet_mpc
class-map Restrict_speed_to_N099
match access-list Interconnect_mpc
class-map type inspect http match-all bit-torrent-tracker
description Bit Torrent Tracker communication
match request args regex bit-torrent-tracker
match request method get
class-map inspection_default
!
!
policy-map AIST_Internet-policy_shape_traffic
class AIST_Internet-class_shape
police input 20000000 10000
police output 20000000 10000
policy-map global_policy
class inspection_default
inspect sip
policy-map Restrict_speed_to_N099
description Restrict speed to N099
class Restrict_speed_to_N099
police input 2000000 2000
police output 2000000 2000
policy-map global-policy
description inspection_default
class global-class
inspect dns
inspect h323 ras
inspect icmp
inspect icmp error
inspect ip-options
inspect rtsp
inspect skinny
inspect sqlnet
inspect sunrpc
inspect ftp
inspect sip
class class-default
set connection embryonic-conn-max 500 per-client-max 5000 per-client-embryonic-max 500
set connection timeout idle 4:00:00 reset dcd 0:15:00 5
user-statistics accounting
ips inline fail-open
flow-export event-type all destination 192.168.250.10 192.168.250.36
policy-map type inspect http Drop-P2P
description Drop protocol violations, Kazaa, gator and Bit Torrent Tracker traffic
parameters
protocol-violation action reset log
class _default_kazaa
reset log
class bit-torrent-tracker
reset log
class _default_gator
reset log
!
service-policy global-policy global
service-policy AIST_Internet-policy_shape_traffic interface AIST_Internet
service-policy Restrict_speed_to_N099 interface Interconnect
prompt hostname context
no call-home reporting anonymous
А есть пример настройки для CISCO ASA или это настолько сложно, что никто не смог реализовать.