Showing results for 
Search instead for 
Did you mean: 

SPA504 Behind Sonicwall to Sonicwall VPN at remote office


A client have 2 existing sonicwall devices with site to site VPN.  Main site has UC540 with a dozen phones.  The client want to have 2 SPA504g phones on the remote site behind the remote Sonicwall VPN.  Unfortunatley SPA525s are not an option as per the customer.

Any information in this regard would be very much appreciated.


5 Replies 5


You can make the phones work over just about any VPN / MPLS / Etc.

These are the requirements:

1. Either hardcode a tftp server ( for the UC500) or have the DHCP server serving the phones hand out with option 150.

2. Make sure the network the phones are in have routing to

I believe by default the tftp server is bound to so you should either make routable as well or change that binding.


Please rate useful posts.

Would there be any seetings needed for the VLAN100, etc.

I have done it both ways for the remote site:

1. Just put the phone in the data VLAN and make sure it has routing to


2. Create a VLAN 100 at the remote site and do something like

Option 2 is better if you have QOS / Security concerns... but it is harder to setup.


Please rate useful posts.

Thank you for your help.  I used the #1 solution.  I called Cisco support and they told me that and both networks need to be forwarded.  Instead of that, I did  Even with the DHCP giving 150-TFTP for, the SPA504 still would not work.  In the SPA504 network configuration, there is no place you can manually configure the TFTP.  The SPA525 you can manually configure it.

I took the phone to the client's main office which had the PBX, configured the phone and then I brought it back to the remote office.  After plugin it worked right away.  I guess, as long as the phone does not get factory reset, it will keep working.

Not sure how I can manually configure the TFTP on the SPA504.  The settings have a padlock and not sure how to unlock them.

Thanks again for your help.

Chaudhry Manzoor

Try "**#" to unlock the settings.

In any case, option 150 will definetely work if you have it configured correctly; you should check your DHCP server settings.

Otherwise a packet capture of the phone booting would be the easiest way to troubleshoot.


Please rate usful posts.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: