
Cisco Split Tunnel SIP traffic only on edge routers

Status
Not open for further replies.
May 4, 2001
13
US
I have a full tunnel hub and spoke corporate network with 80+ spokes.
I have a new requirement to allow SIP and RTP packets to route through the WAN interface on one of my Cisco 871 without being tunneled back to the corporate head end.
The IP PBX provider stated that this will result in lower latency with the SIP trunk provider.
I have confirmed that if I ping the SIP provider from the router the latency is 44ms, through the tunnel it is 136ms.
I need assistance with configuring the access-lists to allow this traffic to pass if even possible.
 
You might be able to create an extended ACL with a deny for the SIP and RTP ports and then a permit any any (if all traffic gets tunneled back to corporate) and use that in the VPN config on each of the spokes. Never tried an extended ACL with ports before, much less a deny, but then again, the last statement in any ACL is an implicit deny.

If the IP is static for the SIP trunk provider you could try with just a standard ACL and a deny for that IP and permit any any after to tunnel all back.

----------------------------
Josh
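
The approach suggested in the reply above, written out as an added IOS example that is not part of the original thread. It assumes the spoke uses a crypto-map based IPsec tunnel, SIP on UDP 5060, and an RTP range of UDP 16384-32767 (confirm the real range with the provider); every name, interface and address below is a placeholder.

```cisco
! Added example. Assumed placeholders: LAN 192.168.10.0/24,
! SIP trunk provider 203.0.113.10, WAN on FastEthernet4, LAN on Vlan1,
! existing crypto map named CORP-VPN with sequence 10.
!
! Crypto ACL: "deny" means do not encrypt (leave via the WAN),
! "permit" means send through the tunnel to the head end.
ip access-list extended VPN-TRAFFIC
 remark SIP signalling to the provider bypasses the tunnel
 deny   udp 192.168.10.0 0.0.0.255 host 203.0.113.10 eq 5060
 remark RTP media to the provider bypasses the tunnel
 deny   udp 192.168.10.0 0.0.0.255 host 203.0.113.10 range 16384 32767
 remark Everything else is still tunneled to corporate
 permit ip 192.168.10.0 0.0.0.255 any
!
! NAT ACL: translate only the flows that bypass the tunnel, so no
! other LAN traffic can leave directly through the WAN interface.
ip access-list extended NAT-SIP-ONLY
 permit udp 192.168.10.0 0.0.0.255 host 203.0.113.10 eq 5060
 permit udp 192.168.10.0 0.0.0.255 host 203.0.113.10 range 16384 32767
!
! Existing crypto map entry; peer and transform-set are unchanged
! and omitted here. Only the match ACL is replaced.
crypto map CORP-VPN 10 ipsec-isakmp
 match address VPN-TRAFFIC
!
interface Vlan1
 ip nat inside
!
interface FastEthernet4
 ip nat outside
 crypto map CORP-VPN
!
ip nat inside source list NAT-SIP-ONLY interface FastEthernet4 overload
```

Scoping both deny entries to the provider's host address keeps all other traffic, including SIP or RTP to any other destination, inside the tunnel. `show crypto ipsec sa` and `show ip nat translations` show whether a test call was encrypted or translated out the WAN interface.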

 