Hello group, hope you can help me out, we have a bit of a blame game going on at work and I need some input / insight into it.
We opened a second office with a SA540 Firewall and SG300 switches etc. At our primary location we have an older NEC Aspire with a VOIP card running NEC 34D handsets. Since opening the branch office we are now running the VOIP phones through the VPN tunnel which to my knowledge is "less than ideal" so I thought I would post up and get some input on what you suggest. First our setup:
Firewall 10.41.14.100 SA540
NEC Aspire 10.41.14.10 / VOIP Card 10.41.14.12
Firewall 172.16.8.1 SA540
Switch 172.16.8.2 SG300
I believe the phones are running the H.323 and not SIP for the phones. The VoiceVLAN is 1 with AutoVoice turned on. The issue we are experience is of course dropped call, echo, phone rings and you can't pick it up (nothing happens). Originally thought it was just high latency as the tunnel was putting about 260ms delay and of course with VOIP you need to be as near real time as possible so after a reboot of the firewalls I have been able to get that down to 20-35ms delay but issue(s) still pertain.
What is perplexing me is the following:
Seems like the switches are having trouble recognizing the NEC phones as VOIP phones. Using CDP it is picking them up (sort of) See attached picture.
Questions: If the phone is on VLAN2 I'm not sure if I know the phones are putting the voice traffic on VLAN1. The phone has a switch to allow the computer to connect if there is only one jack so for the VLAN tagging I used 1T2UP for those ports as trunk. I don't have QOS turned on because I am not sure of the TCP / UDP ports to configure for services on the NEC etc. I'm not a phone guy and I'm not sure where to go from here. Does the SA540 support H.323 coming in from the Public IP side? Can I take the phones out of the VPN tunnel and use port forwarding on the main location to eliminate it that way? I heard you can't double NAT and that it won't work. Do I need a H.323 gatekeeper at both locations?
Not sure where to start on this guys so feel free to ask any questions about configs etc I will be glad to post them up. Attached are some pictures from the switch showing it sort of picking up a NEC phone but having some heartburn with it. Your valuable feedback and guidance is as always appreciated!