i2004 VPN capable?


LimeSMJ

IS-IT--Management
Sep 3, 2004
US
My i2004 works fine within the main office LAN. When I try to use it at a branch office it fails to find the server. The branch office has a permanent VPN (site to site) connection to the main office (where the phone works fine).

This guy:


...seems to have a working setup but I can't reproduce the results. The connection between the main and branch office is COMPLETELY open - no port blocking either direction as it is a dedicated T1 line. I can ping the phone from the main office when I leave the phone at the branch office. Am I missing something?
 
VPN should work fine. Are you sure there is no port blocking? What IP addresses do you use? Are you using gateways?

regards,

subx
 
The phone is set up in the branch office now for testing. The setup on the phone... static IP address in the branch office subnet. The phone is using the Branch Office's gateway address.

The ports are confirmed to be open in both directions.

Maybe I should change the phone to use the Main Office's gateway address but I figured the routing would be automatically handled by the site-to-site VPN? Ugh. This is frustrating as I can access everything from the Main Office from the Branch Office - FTP, Email, etc. using the Branch Office's gateway.
 
Try increasing the retry count. This fixed the exact same problem I had with an IP phone.
 
Tried the retry count but still no go... ugh. It's always the little things (especially with Nortel).
 
I'm testing these IP phones now and all my sites work fine except 1 site in South America. The phones will ring but we can't hear each other. We already checked the firewall and with the service provider to make sure all ports were open. How can I adjust the retry count on these phones?

Mike
 
Your IP phone might not be getting an IP address.
Is it static or DHCP?
Try setting a static. I bet the Nortel-specific DHCP strings aren't applied to machines registering through VPN.
 
Can you ping the BCM from the remote site?

If you cannot ping the BCM you will not get connected.

What is the local IP address of the BCM?

If it is 192.168.1.100 and the gateway 192.168.1.1, make sure you have set up netlink manager to use your default gateway 192.168.1.1.

If you have not set the default gateway on the BCM you will not be able to ping the BCM.

What is your published IP address?

You will find this setting under services-----telephony services-----click on the word Ip telephony and on the right it will tell you if it is lan1 or lan 2.
 
Mike 2287

What are your ping times to South America site?


 
Hi Lime SMJ

I have a BCM with a site to site VPN using customer equipment not the BCM.

The setup is as follows

Site A has a Private IP range 192.168.100.2-192.168.100.254
The subnet for this site is 255.255.255.0
The default gateway for this site is 192.168.100.1

Site B has a private IP Address 192.168.200.2-192.168.200.254
The subnet for this site is 255.255.255.0
The default gateway for this site is 192.168.200.1

The BCM is installed on site A with the Lan 1 IP address of 192.168.100.254
The subnet for the BCM is 255.255.255.0
The default gateway for the BCM under netlink manager is 192.168.100.1 (a Netgear router that sets up the VPN tunnel to site B)
The published IP address for the BCM is Lan 1 (default)

The I2004 is set up on site B with the IP Address 192.168.200.200
The subnet for the IP phone is 255.255.255.0
The default gateway is 192.168.200.1 (Netgear router that sets up VPN tunnel to site A)
S1 Address is 192.168.100.254
S1 port is 7000
The rest of the settings are just default.

This works fine for this customer

Hope this makes sense
 
mrmarshall

Here are the ping times.

Pinging 192.168.168.6 with 32 bytes of data:

Reply from 192.168.168.6: bytes=32 time=89ms TTL=128
Reply from 192.168.168.6: bytes=32 time=132ms TTL=128
Reply from 192.168.168.6: bytes=32 time=195ms TTL=128
Reply from 192.168.168.6: bytes=32 time=88ms TTL=128

Ping statistics for 192.168.168.6:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 88ms, Maximum = 195ms, Average = 126ms

The BCM is in-house now but I haven't got back to testing it through the VPN. At the time I was testing it, it was the vendor's BCM at their location.

 
Hi Mike2287

Can you change your ping command to the following.

ping -l 100 192.168.168.6 -t

I need you to run the command to get a better idea of the average ping time. I think your problem is the delay. It should be below 150ms. It can be between 150-200ms but I would recommend the lower part in my experience of the Nortel product.

What codec are you using?
What Delay?
How have you set up your jitter?

Marshall
 
I don't think that this is delay. The phone should register even if delay is too high for RTP packets.
2 questions: Is 802.1p enabled? What type of router are you using at remote locations?
 
The phone does register. They can ring the phone but there is no voice.

Quote

I'm testing these IP phones now and all my sites work fine except 1 site in South America. The phones will ring but we can't hear each other. We already checked the firewall and with the service provider to make sure all ports were open. How can I adjust the retry count on these phones?

Mike
 
Hi Mike

Just check the info below to make sure all your ports are open on the firewall too.

Signaling between the IP telephones and the Business Communications Manager uses Business Communications Manager port 7000. However, voice packets are exchanged using the default RTP ports 28000 through 28255 at the Business Communications Manager, and ports 51000 through 51200 at the IP telephones. If these ports are blocked by the firewall or NAT, you will experience one-way or no-way speech paths.
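
Added example, not part of the original thread: a check of a firewall rule list against the three flows the post above lists, reporting which speech-path symptom to expect. The rule format, `SAMPLE_RULES` and the stateless first-match model (destination port only) are assumptions made for illustration; the addresses are the Site A / Site B ones given earlier in the thread.

```python
from ipaddress import ip_address, ip_network

# Addresses from the Site A / Site B example earlier in the thread.
BCM, PHONE = "192.168.100.254", "192.168.200.200"

# Flows the post lists: (name, source, destination, destination port range).
REQUIRED = [
    ("signaling phone->BCM", PHONE, BCM, (7000, 7000)),
    ("voice phone->BCM", PHONE, BCM, (28000, 28255)),
    ("voice BCM->phone", BCM, PHONE, (51000, 51200)),
]

# Constructed sample policy (hypothetical): ordered rules, first match wins.
SAMPLE_RULES = [
    ("allow", "192.168.200.0/24", "192.168.100.0/24", (7000, 7000)),
    ("allow", "192.168.200.0/24", "192.168.100.0/24", (28000, 28255)),
    ("deny", "192.168.100.0/24", "192.168.200.0/24", (49152, 65535)),
    ("allow", "192.168.100.0/24", "192.168.200.0/24", (1, 65535)),
]

def allowed(rules, src, dst, port):
    """First matching rule decides; no match means implicit deny."""
    for action, src_net, dst_net, (lo, hi) in rules:
        if (ip_address(src) in ip_network(src_net)
                and ip_address(dst) in ip_network(dst_net)
                and lo <= port <= hi):
            return action == "allow"
    return False

def blocked_ports(rules, src, dst, port_range):
    """Ports in the required range that the policy would drop."""
    lo, hi = port_range
    return [p for p in range(lo, hi + 1) if not allowed(rules, src, dst, p)]

def diagnose(rules):
    """Map blocked flows to the symptom the post describes."""
    gaps = {n: blocked_ports(rules, s, d, r) for n, s, d, r in REQUIRED}
    if gaps["signaling phone->BCM"]:
        return "phone cannot register", gaps
    lost = sum(1 for n in ("voice phone->BCM", "voice BCM->phone") if gaps[n])
    return ("two-way speech", "one-way speech", "no-way speech")[lost], gaps

if __name__ == "__main__":
    verdict, gaps = diagnose(SAMPLE_RULES)
    print(verdict)
    for name, ports in gaps.items():
        if ports:
            print(f"  {name}: {len(ports)} ports blocked ({ports[0]}-{ports[-1]})")
```

In the sample policy the broad deny on high ports sits above the allow-all rule, so the phone registers and sends audio but never receives any.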
 
I'll be going back to testing it in the next few weeks when I get a chance. When we were testing it months back the BCM wasn't in-house, and at the time we were testing this we were also testing a satellite internet connection. It worked over the satellite but very poorly. Our land T-1 there runs about 4x faster but we (me and the vendor) think the gov or whoever runs the phone company in that country may have been blocking things on that level.

I don't think I'll have any problems this time around when I start testing but you never know.
 