At HQ have an RV220 controling our network and IPSec VPN. We just purcahsed a UC540 so that we can have some employees teleworking. I have the UC540 set to 192.168.10.80 and shut off the DHCP and NAT and locally everything works great. What do I need to do in order to get the teleworker phone (SPA504) setup? I can get to the SPA540 from our HQ by typing the IP address in the browser. Do I need to setup the IPSec VPN to include the Voice vLan? If so, what do I need to do on the RV220 to set that up. I have tried making the UC540 the main router at HQ but for some reason I was unable to port forward to the FTP server that we are running. Also I am only using CCA to edit settings on the UC540.
You need to set up site to site VPN to allow traffic to the data and voice vlans of the main HQ site and the reverse so that HQ can access the data and voice side of the Remote site. If you can PING all subnets from each location it will all work.
Also if you had a SPA525 IP phone.... that has a built in SSL Vpn connection and once set up from the wizard the phone will connect over any internet connection... like a home, hotel etc.
Just to make sure I am understanding you correctly, I need to setup a IPSec Policy at HQ for the voice vlan (10.1.1.1). Also setup a vlan at the remote site that will issue the SPA504 ip address (10.2.~.~). Once I can ping the 10.2.~.~ from HQ everything should be working fine? Will I need to do anything for the phone to appear in CCA?
After a day of being on phone support with Cisco I was told that it can't be done. I was told that since the wrv210 cannot support multiple vpn tunnels using different subnets. Thanks for the help and from what I was told you are exactly right just not able to do it with the wrv210.