Hi,
When I make any outbound call from our IP-PBX to Adtran, Adtran is sending 400 bad request as response. There is no reason in the wireshark trace as to why Adtran is sending 400 bad request. The interesting part is at times I am able to make outbound calls at times but most of the time Adtran is sending 400 bad request. I tried disabling the firewall and checked to confirm that's not causing any issue. Can any one suggest what could be reason. Below is my configuration on Adtran.
Setup
Phone <----- ------------------SIP ----------------------> IP-PBX <---------SIP trunk--------> Adtran (FXO)<------------------> PSTN
!
!
! ADTRAN, Inc. OS version R12.3.1.E
! Boot ROM version 14.05.00.SA
! Platform: Total Access 908e (2nd Gen), part number 4242908L1
! Serial number CFG0602027
!
!
hostname "XX"
enable password XXXX
!
!
clock timezone -5-Eastern-Time
!
ip subnet-zero
ip classless
ip routing
ipv6 unicast-routing
!
!
domain-proxy
name-server 192.168.101.200 8.8.8.8
!
!
no auto-config
!
event-history on
no logging forwarding
no logging email
!
no service password-encryption
!
username "xxxx" password "xxxx"
!
ip policy-timeout tcp telnet 14400
ip policy-timeout udp 5060 1200
!
no ip firewall alg msn
no ip firewall alg mszone
no ip firewall alg h323
!
!
!
!
!
!
!
!
no dot11ap access-point-control
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface eth 0/1
description LAN Side
speed 100
ip address 19.168.101.35 255.255.255.0
ip access-policy inside
! IPv4 access-policy will not be used until IPv4 firewall is enabled
ip flow ingress
ip flow egress
no shutdown
media-gateway ip primary
!
!
interface eth 0/2
description Wan Side
speed 100
ip address x.x.x.x 255.255.255.0
ip access-policy outside
! IPv4 access-policy will not be used until IPv4 firewall is enabled
ip flow ingress
no shutdown
media-gateway ip primary
!
!
!
!
interface t1 0/1
shutdown
!
interface t1 0/2
shutdown
!
interface t1 0/3
shutdown
!
interface t1 0/4
shutdown
!
!
interface fxs 0/1
no shutdown
!
interface fxs 0/2
no shutdown
!
interface fxs 0/3
no shutdown
!
interface fxs 0/4
no shutdown
!
interface fxs 0/5
no shutdown
!
interface fxs 0/6
no shutdown
!
interface fxs 0/7
no shutdown
!
interface fxs 0/8
no shutdown
!
!
interface fxo 0/0
no shutdown
!
!
!
!
!
!
!
ip access-list extended REMOTE_MANAGEMENT_ACCESS
permit tcp any any eq www log
permit tcp any any eq telnet log
permit udp any any eq snmp log
permit tcp any any eq https log
permit tcp any any eq ssh log
permit tcp any any eq ftp log
permit icmp any any echo log
!
ip access-list extended web-acl-3
permit ip any any
!
ip access-list extended web-acl-4
remark any : eth 0/1
permit ip any any
!
ip access-list extended web-acl-6
permit tcp any any eq www
permit tcp any any eq https
permit tcp any any eq ssh
permit tcp any any eq telnet
permit udp any any eq snmp
permit icmp any any echo
!
ip access-list extended web-acl-8
remark sip
permit udp any any eq 5100
permit udp any any eq 5060
!
!
!
!
ip policy-class inside
allow list web-acl-3
nat source list web-acl-4 interface eth 0/2 overload policy outside
allow list web-acl-3
!
ip policy-class outside
allow list web-acl-6 self
allow list web-acl-8
allow list web-acl-6 self
allow list web-acl-8
!
!
!
ip route 0.0.0.0 0.0.0.0 x.x.x.x
!
tftp server
no tftp server overwrite
http server
http session-timeout 1800
no http secure-server
snmp agent
ip ftp server
no ip scp server
no ip sntp server
!
!
!
!
snmp-server community netsol RO
!
!
!
!
sip
sip udp 5060
no sip tcp
!
!
!
voice feature-mode network
voice forward-mode network
!
!
!
!
!
!
!
!
voice dial-plan 1 local NXX-NXX-XXXX
voice dial-plan 2 long-distance 1-NXX-NXX-XXXX
!
!
!
!
voice codec-list standard
codec g729
!
voice codec-list g711u
codec g711ulaw
!
voice codec-list All
codec g711ulaw
codec g711alaw
codec g729
!
!
!
voice trunk T01 type sip
description "MIVB"
sip-server primary 192.168.101.20
registrar primary 192.168.101.20
!
voice trunk T02 type analog supervision loop-start
description "FXO Trunk"
caller-id
trunk-number 6132872055
connect fxo 0/0
match dnis "$" substitute "6135928892"
rtp delay-mode adaptive
!
!
voice grouped-trunk MIVB
trunk T01
accept $ cost 0
!
!
voice grouped-trunk FXO
trunk T02
accept $ cost 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
sip grammar from host local
no sip grammar supported 100rel
!
!
!
!
ip rtp udp 20000
ip rtp session timeout 90
!
!
hmr policy Trunk01_Outbound
rule-set Add_PAI_Trunk1 1
!
hmr policy Trunk02_Outbound
rule-set Add_PAI_Trunk2 2
!
!
!
!
ip rtp quality-monitoring
ip rtp quality-monitoring sip
!
line con 0
login
!
line telnet 0 4
login
password tinman
no shutdown
line ssh 0 4
login local-userlist
no shutdown
!
!
!
!
!
end
If you want the TA908e to provide NAT from the outside to the inside, you'll need to enable the ip firewall.
It looks like you have a typo in your eth 0/1 interface.
nterface eth 0/1
description LAN Side
speed 100
ip address 19.168.101.35 255.255.255.0
^
Should its IP address be 192.168.101.35 255.255.255.0 ?
Hi Jayh,
Thanks for reply.
Sorry for the typo.
As mentioned by you I had tried enabling/disabling the ip firewall but it did not work. The problem was with the analog line terminating from the carrier operator. When connected another CO's analog line to Adtran the issue got resolved.
Once again thanks a lot for your time and response..