Hi,

We've configured Phone VPN and tested to ensure everything was setup properly and it is.

But once we setup the user's phone (which we've also tested) when they attempt to connect the phones at home through residential routers (linksys and i believe a netgear as well) the phone never attempts to initiate a VPN connection.

Doing some troubleshooting and looking at some packet capture we identified the source of the problem which is the DHCP offer provided by the home routers, it includes an siaddr which is used by the phones to identify their TFTP if the previous options failed or are missing.

So no we see the phone attempting a DNS lookup which fails then followed by a few ping to the siaddr which is the router's address then attempts to download its config from the router through TFTP.

Since homes routers are fairly limited as far as configuration goes we can't remove the siaddr from the DHCP.

Does anyone know of a way to prevent the phones from using the siaddr as an option for the TFTP address?

Otherwise i fear the only option left is to disable DHCP on the phone and configure them manually which isn't the best option since the end users are not all network savy

Thanks,

Jonathan S