Access-list configuration

Hi all,

Here's the scenario:

We have a Cisco 1811 router at our datacenter solely used for VoIP purposes, and also a Cisco 2811 router here in our office.

There is a tunnel between these 2 routers and it's working fine. Tunnel is up and no problems with ping.

The VoIP router is set up with a public IP. Hence, if we ping voip.xxx.com from outside, we will get the public IP configured for it. This "voip.xxx.com" is configured on our softphones (such as x-lite) from outside.

Now, we want to limit the usage in such a way that only our office should be able to talk to "voip.xxx.com" and it should be denied from outside.

I have configured the VoIP router something like below:

interface Vlan1
 ip address 203.82.x.x 255.255.255.252
 ip nat inside
 ip virtual-reassembly
 ip access-group Elastix in

ip access-list extended Elastix
 permit ip host 203.82.x.x 192.168.100.0 0.0.0.255
 permit ip host 203.82.x.x 192.168.100.0 0.0.0.255
 permit ip host 203.82.x.x 192.168.100.0 0.0.0.255

Once I do the above, I am not able to ping "voip.xxx.com" from my office and the phones stop working.

Any help would be greatly appreciated. If you require configs of the router, please let me know.

Kind Regards,
Vignesh.        


Luis Silva Benavides
Cisco Employee

Hi Vignesh,

You must specify the "Public" IP address of the domain because the ACL check will happen before the NAT translation.

HTH

Luis Silva

"If you need PDI (Planning, Design, Implement) assistance feel free to reach"

http://www.cisco.com/web/partners/tools/pdihd.html
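
The point made in the reply, as an added example that is not part of either post and is not Cisco code: a small first-match evaluator for `permit|deny ip` entries with wildcard masks, run against the addresses a packet carries when it reaches the inbound ACL, before any NAT rewrite. All addresses are constructed documentation-range values; it assumes the office's traffic arrives from one public source address and is sent to the router's public address.

```python
import ipaddress

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def _addr_spec(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD'; return (base, wildcard)."""
    first = tokens.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return _ip(tokens.pop(0)), 0
    return _ip(first), _ip(tokens.pop(0))

def parse_ace(line):
    """Parse 'permit|deny ip <src> <dst>' (the only form used on this page)."""
    tokens = line.split()
    action, proto = tokens.pop(0), tokens.pop(0)
    if action not in ("permit", "deny") or proto != "ip":
        raise ValueError(f"unsupported entry: {line!r}")
    return action, _addr_spec(tokens), _addr_spec(tokens)

def _hit(spec, addr):
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF      # wildcard bit 1 = "don't care"
    return (_ip(addr) & care) == (base & care)

def evaluate(acl, src, dst):
    """First matching entry wins; no match falls through to the implicit deny."""
    for line in acl:
        action, s, d = parse_ace(line)
        if _hit(s, src) and _hit(d, dst):
            return action
    return "deny"

# Constructed addresses (documentation ranges), not values from the thread:
VOIP_PUBLIC = "203.0.113.2"      # stands in for the masked 203.82.x.x
OFFICE_PUBLIC = "198.51.100.10"  # assumed public source address of the office
OUTSIDER = "192.0.2.77"          # any other Internet host

# Same shape as the posted ACL: source = router address, destination = office LAN.
POSTED = ["permit ip host 203.0.113.2 192.168.100.0 0.0.0.255"]
# Entry written against the addresses the packet carries before NAT.
PRE_NAT = ["permit ip host 198.51.100.10 host 203.0.113.2"]

if __name__ == "__main__":
    for name, acl in (("posted", POSTED), ("pre-NAT", PRE_NAT)):
        for who, src in (("office", OFFICE_PUBLIC), ("outsider", OUTSIDER)):
            print(f"{name:8} {who:9} -> {evaluate(acl, src, VOIP_PUBLIC)}")
```

With the posted shape, the office packet matches no entry and falls to the implicit deny, which is the symptom described in the question.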
