Hi Rob,
Unfortunately its not working. I can see the traffic is being routed via the firewall successfully, but the service is not working.
To give you a little insight into what im trying to achieve - (attached a small drawing of the main components being used, just something i did in paint)
- We have Microsoft SFB Federation services enabled between sip.local.com & sip.remote.com
- Everything (including IM, Calls, Content sharing) works between My Local LAN & Remote Site
- Everything (including IM, Calls, Content sharing) works between external users & Remote Site (i.e. since the SFB services are published outside, anyone in the internet can login to SFB & work)
- Only IM works between My VPN Users & Remote Site
- Calls & Content sharing fails
My observations -
Remote site have enabled federation services to sip.local.com
- This URL is NATted to our Edge DMZ
- This Edge DMZ then has all the relevant routes to my local network & my vpn network
- Hence, as far as local SFB Edge is concerned, it has successful routes to both (local & vpn) network
I tried to telnet sip.remote.com on port 5061 - the response is as below
- My Local LAN - it works fine
- Open internet from home (without VPN) - it works fine
- VPN connected - it does not work
So as far as Remote Site is concerned, they are receiving the traffic successfully
- i.e. if it comes from my Local Subnet, everything works fine.
- but if it comes from my VPN Subnet, the routing issues comes into play
- Im suspecting there is no reverse route from Remote Site to my VPN subnet
Is my understanding correct???
TIA,
Shabeeb
