Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3263
Views
0
Helpful
4
Replies

Routing VoIP phones over VPN

Jonathan Tzeng
Level 1
Level 1

‎09-25-2015 01:42 PM - edited ‎03-08-2019 01:56 AM

A little background first:

Currently, we have a main office and a remote office. They are connected via site-to-site VPN. Main office uses a Cisco 2921 router with DHCP at 10.10.10.0/24 while the remote office also has a Cisco 2821 router issuing IPs at 10.10.11.0/24.

Our phone system consists of the AT&T Syn248 gateway and its corresponding IP phones. The gateway is what connects our regular phone lines to the network switch and has it's own IP address. The phones connect to the network via Ethernet and are assigned their own IP address via DHCP. Only the main office has a gateway but both offices have the IP phones.

In this context we can say the devices have the following IP addresses: 
Main Office: 
Phone gateway: 10.10.10.5 
IP phone: 10.10.10.6 
Remote Office: 
IP Phone: 10.10.11.200

The issue:

The issue I'm getting is that the remote office's phones cannot connect to the main office's gateway. I've tried to set the gateway on the remote phone to 10.10.10.1 to see if that would do anything but I can't seem to pick up the main office's phone gateway. I've also gave it a shot in the dark and set a static IP on the phone so that it is under the same IP range as the main office but that didn't work either. I've also taken a look at IP forwarding on the Cisco routers but am unsure if doing so would work as well.

Is there any way to get the remote office's phones to connect to the main office's gateway? Any help would be greatly appreciated!

Labels:
0 Helpful
4 Replies 4

Jon Marshall
Hall of Fame
Hall of Fame

‎09-25-2015 01:51 PM

Just to clarify.

You say only the remote office has a gateway but then the rest of your post suggests it is at the main office ?

I'm not a VoIP person but is it correct to say you just need IP connectivity between the phones in the remote office and the main office ie. the phones don't actually need to be on the same IP subnet ?

If so what does the configuration of the VPN look like on both ends ?

Presumably the VPN works for other traffic ?

Also does each site use it's own router for internet or is there a central internet ?

Finally are you running firewalls on each router ?

Apologies for all the questions but it could be a number of things.

Jon

 

0 Helpful

Jonathan Tzeng
Level 1
Level 1
In response to Jon Marshall

‎09-25-2015 02:12 PM

Jon,

No need to apologize! Thank you for the quick response.

Sorry for the confusion! I corrected the mistake. The gateway is in the main office.

I'm not too familiar with VoIP and this phone system as well but from what I've seen is that all the phones connect to the phone gateway and that is how they can communicate to each other. Each phone is assigned their own IP and then it is connected to the gateway. I'm not sure if they need to be or don't need to be on the same IP subnet.

VPN traffic works both ways. I can ping the remote office from main office and vice versa. 

Each site uses it's own router for internet.

There are firewalls set up but I have allowed all traffic from the main office to go to the remote office and vice versa for now.

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to Jonathan Tzeng

‎09-25-2015 02:19 PM

So from a device on the remote network can you actually ping the gateway on the main network ?

You definitely won't be able to use a 10.10.10.x IP in the remote office.

In terms of port forwarding if VPN traffic is working both ways as is you shouldn't need it as far as I can tell.

Obviously if each site has internet then you must be translating the IPs to public IPs.

So presumably you are not translating the IPs when they go via the VPN tunnel ?

Jon

0 Helpful

Dennis Mink
VIP Alumni
VIP Alumni
In response to Jonathan Tzeng

‎09-28-2015 04:08 PM

Jonathan, 

 

forget about voice for a minute, and lets troubleshoot this in a structure way.

 

you say: "The issue I'm getting is that the remote office's phones cannot connect to the main office's gateway"    so can you actually ping 10.10.10.1 from your remote office's subnet, that the phones are in.

so do an extended ping from the remote office phone (10.10.11.x) subnet's default gateway and ping 10.10.10.1.  

start with that. if that works, set up wireshark on your main gateways port (port mirror) and see if you can capture ANY traffic from the phones..

 

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card