Re: VoIP and VPN

sandman420 · ‎02-05-2009

Hello,

I have a question about some voip/vpn configuration. I've got two sites that have 1760 routers with fxo/fxs cards that are going to be tieing the two phone systems together with a couple of voip trunks. These are secondary devices on the network with no data traffic or real LAN even, but addressed with a 2nd wan ip on the fa 0/0 port. The only traffic going through these routers is voice/voip.

My question is about this voip setup with vpn. First off, should I or shouldn't I? If I configure a site-to-site vpn connection, will the voip traffic pass over that? How would I set up a VPN tunnel for only the fxo/fxs cards with no "LAN" behind it? Is there a need to have a vpn? Any benefits to sending the voip data across vpn, other than the obvious encryption of the "call"?

Here's my voip configuration as it sits on the bench in testing; I have both fa 0/0 interfaces connected to the local LAN just for a connection and testing, but each will later be getting it's own static WAN IP on the fa 0/0 interfaces:

SITE 1:

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname SITE 1

!

boot-start-marker

boot-end-marker

!

enable secret XXX

!

no aaa new-model

voice-card 2

!

voice-card 3

!

ip cef

!

interface FastEthernet0/0

ip address 192.168.254.30 255.255.255.0

speed auto

no shutdown

!

no ip http server

no ip http secure-server

!

control-plane

!

voice-port 2/0

connection plar opx 290

!

voice-port 2/1

connection plar opx 291

!

voice-port 2/2

!

voice-port 2/3

!

voice-port 3/0

connection plar 190

!

voice-port 3/1

connection plar 191

!

voice-port 3/2

!

voice-port 3/3

!

dial-peer voice 180 pots

destination-pattern 180

port 2/0

!

dial-peer voice 181 pots

destination-pattern 181

port 2/1

!

dial-peer voice 190 voip

destination-pattern 19

session target ipv4:192.168.254.40

!

line con 0

logging synchronous

line aux 0

line vty 0 4

password xxx

logging synchronous

login

transport input telnet

!

end

AND SITE 2:

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname SITE 2

!

boot-start-marker

boot-end-marker

!

enable secret XXX

!

no aaa new-model

voice-card 2

!

voice-card 3

!

ip cef

!

interface FastEthernet0/0

ip address 192.168.254.40 255.255.255.0

speed auto

!

no ip http server

no ip http secure-server

!

control-plane

!

voice-port 2/0

connection plar opx 280

!

voice-port 2/1

connection plar opx 281

!

voice-port 2/2

!

voice-port 2/3

!

voice-port 3/0

connection plar 180

!

voice-port 3/1

connection plar 181

!

voice-port 3/2

!

voice-port 3/3

!

dial-peer voice 190 pots

destination-pattern 190

port 2/0

!

dial-peer voice 191 pots

destination-pattern 191

port 2/1

!

dial-peer voice 180 voip

destination-pattern 18

session target ipv4:192.168.254.30

!

line con 0

logging synchronous

line aux 0

line vty 0 4

password xxx

logging synchronous

login

transport input telnet

!

end

sandman420 · ‎02-09-2009

Does nobody know about this type of setup? Is there anyone that can help me please?

Nicholas Matthews · ‎02-09-2009

You will probably get better answers if you post this over in some of the VPN forums. I'm guessing most people here are going to be more familiar with the voice configuration rather than the VPN design.

-nick

sandman420 · ‎02-09-2009

Nick,

I would, but I already have. I've got like 4x posts going for the last couple of weeks, just keep adding another one in different topics, like VPN, Unified C & V both in general and Video over IP (b/c I thought it had said Voice), as well as several other areas, but no one responds to me. I don't know where else I'm supposed to go to get help on this.