1 Reply Latest reply on Oct 14, 2014 11:48 AM by ss_daveh

    SIP and Policy based routing

    mikeatcomtech New Member

      I have configured a 3448 with EFP as a SIP transparent proxy.  This router has two WAN connections and is using PBR to send VLAN1 (Data) to the Cox cable connection and VLAN10 (Voice) to the Windstream T1.  Currently when connecting  laptop to each VLAN the packets follow the correct route to proper ISP. However when looking at the phones registration information in the PBX, all phones still register with the public address from the wrong ISP.  Media-Gateway ip primary is enabled on all interfaces and I cannot figure out why the SIP packets will not follow the PBR.  I have attached the running config, Help!

        • Re: SIP and Policy based routing
          ss_daveh New Member

          I've used a similar setup with multiple WAN and LAN connections with a similar result. I ended up getting it operational by separating the WAN policy-classes.

           

          interface eth 0/1

            description  Voice_Primary_Data_Backup

            ip address  x.x.x..169 255.255.255.248

            ip packet-capture 1CAPTURE

            ip mtu 1500

            ip access-policy Public

            media-gateway ip primary

            traffic-shape rate 10M

            max-reserved-bandwidth 95

            qos-policy out VOIP-OUT

            no awcp

            no shutdown

          !

          !

          interface eth 0/2

            description  Data_Primary_Voice_Backup

            ip address  x.x.x.9 255.255.255.248

            ip packet-capture 1CAPTURE

            ip mtu 1500

            ip access-policy Public2

            media-gateway ip primary

            traffic-shape rate 1.5M

            max-reserved-bandwidth 95

            qos-policy out VOIP-OUT

            no awcp

            no shutdown

          !

          interface vlan 10

          ip address  192.168.1.1  255.255.255.0

          ip access-policy Private

          media-gateway ip primary

          no awcp

          no shutdown

          !

          !

          interface vlan 20

          ip address  192.168.15.1  255.255.255.0

          ip access-policy Private2

          media-gateway ip primary

          no awcp

          no shutdown

          !

          ip policy-class Private

            allow list DEVICE self

            nat source list NAT-ICS interface eth 0/2 overload policy Public2

            nat source list NAT-ICS interface eth 0/1 overload policy Public

          !

          ip policy-class Private2

            allow list DEVICE self

            nat source list NAT-ICS interface eth 0/1 overload policy Public

            nat source list NAT-ICS interface eth 0/2 overload policy Public2

          !

          ip policy-class Public

            allow list SSMANG self

            allow list SS-SBC self

          !

          ip policy-class Public2

            allow list SSMANG self

            allow list SS-SBC self

          !

          ip route 0.0.0.0 0.0.0.0 x.x.x.174 PING1

          ip route 0.0.0.0 0.0.0.0 x.x.x.14 100

          ip route x.x.200.0 255.255.248.0 x.x.x.14 PING2

           

           

          Where the .14 interface is the gateway for the .9 public IP on eth 0/2 and NATs out that interface destined for the x.x.200.0 network. The important part is the Public and Public 2 after the overload statements. I've setup multiple routers using this policy based routing and it's been working perfectly.

           

          Hope this helps