Cisco Split Tunnel SIP traffic only on edge routers

[DaveSatIBP]

I have a full tunnel hub and spoke corporate network with 80+ spokes.
I have a new requirement to allow SIP and RTP packets to route through the WAN interface on one of my Cisco 871 without being tunneled back to the corporate head end.
The IP PBX provider stated that this will result in lower latency with the SIP trunk provider.
I have confirmed that if I ping the SIP provider from the router the latency is 44ms, through the tunnel it is 136ms.
I need assistance with configuring the access-lists to allow this traffic to pass if even possible.

 

[intelwizrd]

You might be able to create and extended ACL with a deny for the SIP and RTP ports and then a permit any any (if all traffic gets tunneled back to corporate) and use that in the vpn config on each of the spokes. Never tried an extended ACL with ports before much less a deny but then again, the last statement in any ACL is an implicit deny.

If the IP is static for the SIP trunk provider you could try with just a standard ACL and a deny for that IP and permit any any after to tunnel all back.

----------------------------
Josh