IP Office 406 with 3 VPN Sites - Voip Issues 1

[KevinBugg]

We have 3 sites which are linked via vpn tunnel. IP Office was configured by Avaya Specialists but we have major issues. We can not call between sites successfully via voip. The calls are answered but no two way conversation, or the line is dropped. What can we do to try and test for ourselves. Pointers to test basic settings? Our 2 UK offices are joined by a small community network but even those calls are bad. Our other office has its own dedicated voicemail server hence the reason it isn't part of this network. We have leased lines so the connection between the sites should be ok. We have been having these issues for months and the specialists pointed me here!!

 

[tlpeter]

They call themselves specialist and point you to here

One way speech is 99% of the time a routing issue

Your problem is network based !
Are there sny ports blocked in the vpn tunnel ?

ACA - Implement IP Office
ACA - Voice Services Management
______________
Women and cats can do as they please and men and dogs should relax and get used to the idea!

 

[KevinBugg]

I have just checked the vpn connection and sny was not mentioned in the tunnel creation. We have a Sofaware (checkpoint) 500W Firewall at each site if this helps you?

If it was blocking traffic, it would block 100% of the time wouldn't it?

 

[tlpeter]

No not 100%

The ipoffice uses a lot of different ports for different things

Here a list with the ports


IP Office Monitor (Sysmon)
| Back | Print | Feedback |


IP Office Ports
The list below details many of the IP ports used by IP Office control units and IP Office applications. Many of these are standard ports for different IP traffic protocols.

Indicates a port on the IP Office.

indicates a port on a PC running an IP Office service or application.

The names in brackets are those shown in the IP Office Monitor application after the port number.



Port 69 (Trivial File Transfer): File requests to the IP Office.

Port 69 (Trivial File Transfer): File requests by the IP Office.

Port 161 (SNMP): From SNMP applications.

Port 162 (SNMP Trap):
To addresses set in the IP Office configuration. Both SNMP Port numbers can be changed through the IP Office configuration.

Port 520 RIP:
From IP Office to other RIP devices. For RIP1 and RIP2 (RIP1 compatible) the destination address is a subnet broadcast, eg. 192.168.42.255. For RIP2 Multicast the destination address is 224.0.0.9.

Port 520 RIP: To the IP Office from RIP devices.

Port 1719 (H.323 RAS): Response to a VoIP device registering with IP Office.

Port 1720 (H.323/H.245): Data to a registered VoIP device.

Port 2127: PC Wallboard to CCC Wallboard Server.

Port 8080: Browser access to the Delta Server application.

Port 8089: Conferencing Center Server Service.

Port 8888: Browser access to the IP Office ContactStore (VRL) application.

Ports 49152 to 53247: Dynamically allocated ports used during VoIP calls for RTP and RTCP traffic. The port range can be adjusted through the System | Gatekeeper tab.

Port 50791 (IPO Voicemail): To voicemail server address.

Port 50793 (IPO Solo Voicemail): From IP Office TAPI PC with Wave drive user support.

Port 50794 (IPO Monitor): From the IP Office Monitor application.

Port 50795 (IPO Voice Networking): Small Community Network signalling (AVRIP) and BLF updates.

Port 50796 (IPO PCPartner):
From an IP Office application (for example Phone Manager or SoftConsole). Used to initiate a session between the IP Office and the application.

Port 50797 (IPO TAPI): From an IP Office TAPI user PC.

Port 50799 (IPO BLF): Broadcast to the IP Office LAN, eg. 255.255.255.255.

Port 50800 (IPO License Dongle): To the License Server IP Address set in the IP Office config.

Port 50801 (EConf): Used by the Conference Center service.



Ports
IP Office Monitor can be used to display IP packet details including the source and destination Port numbers. As well as displaying the port numbers (in decimal), IP Office Monitor also displays the names of more commonly used ports including IP Office specific ports.

For example "src = 23" is interpreted as "src = 23 (Telnet)".

The list below details the ports currently decoded by IP Office Monitor. For a full list of assigned non-IP Office ports see

http://www.iana.org/assignments/port-numbers.

20 File Transfer [Default Data]

21 File Transfer [Control]

23 Telnet

25 Simple Mail Transfer

37 Time

43 Who Is

53 Domain Name Server

67 Bootstrap Protocol Server

68 Bootstrap Protocol Client

69 Trivial File Transfer

70 Gopher

79 Finger

80 World Wide Web-HTTP

115 Simple File Transfer Protocol

123 Network Time Protocol

137 NETBIOS Name Service

138 NETBIOS Datagram Service

139 NETBIOS Session Service

156 SQL Service
161 SNMP

162 SNMPTRAP

179 Border Gateway Protocol

1719 H.323Ras

1720 H.323/H.245

50791 IPO Voicemail

50792 IPO Network DTE

50793 IPO Solo Voicemail (i.e. Wave driver for TAPI)

50794 IPO Monitor

50795 IPO Voice Networking

50796 IPO PCPartner

50797 IPO TAPI

50798 IPO Who-Is response

50799 IPO BLF

50800 IPO License Dongle

50801 EConf






Protocols
IP Office Monitor, as well as displaying the Protocol number (in decimal) of packets, also displays the names of the more common Protocols. For example "pcol = 1" is decoded as "pcol = 1 (ICMP)".

Protocol numbers currently decoded by IP Office Monitor are:

1 - Internet Control Message [ICMP]

2 - Internet Group Management [IGMP]

6 - Transmission Control [TCP]

8 - Exterior Gateway Protocol [EGP]

9 - Interior Gateway Protocol [IGP]

17 - User Datagram [UDP]

41 - Ipv6 [IPV6]

46 - Reservation Protocol [RSVP]

47 - General Routing Encapsulation [GRE]

58 - ICMP for IPv6 [IPv6-ICMP]

111 - IPX in IP[IPX-In-IP]

115 - Layer Two Tunneling Protocol [L2TP]

121 - Simple Message Protocol [SMP]





ACA - Implement IP Office
ACA - Voice Services Management
______________
Women and cats can do as they please and men and dogs should relax and get used to the idea!

 

[KevinBugg]

But as we have a vpn tunnel between the sites, i was under the impression that all protocols etc are unblocked, allowing all sites to communicate with each other without any problems.

How can i test to see if something is blocked?do you know an easy way to do this?sorry but i am not an avaya specialist and have never configured anything like this before

 

[ProviderReborn]

How are the site fixups set on the VPN's?

ACA - IP Office Implement
ACA - IP Telephony
CCENT - Cisco ICND1
CCNA - Working towards.

 

[ronromano]

Uncheck allow direct media path under the voip line settings at all sites involved. let me know what happens.

 

[mattKnight]

We have leased lines so the connection between the sites should be ok.

do you have Point to point leased lines or leased lines to the internet?

If you have ptp leased lines (eg kilostream) then VPN is not required. Likewise, I wouldn't expect to see a firewall between the 2 sites

However, if you have leased lines to the internet, teh above doesn't hold true

Please let us know at bit more about your data networking, because the symptoms you describe suggest either ports are blocked or a routing issue. These will be hard to solve unless we understand what you have

Take Care

Matt
If at first you don't succeed, skydiving is not for you.

 

[KevinBugg]

it doesn't appear that we have an option for this within our firewall interface. This is a small business Sofaware Firewall. I have just searched every screen and nothing mentions fixups

 

[tlpeter]

Like ronromano said

Uncheck direct media path in your ipline
Do this also on an other location and see it is start working


ACA - Implement IP Office
ACA - Voice Services Management
______________
Women and cats can do as they please and men and dogs should relax and get used to the idea!

 

[KevinBugg]

we have leased lines to the internet with a firewall at each location.

I have just checked. Here is what we have - 3 sites. all sites operate G729a Compression, H50. All have Direct Media ticked, two uk sites have voice networking ticked but US site hasn't. The two UK Sites are part of a small community network.

If i untick direct media what does this do, also what is direct media?

Also, what is voice networking and why is this only enabled on our uk sites?

Thanks for all your help!!

 

[tlpeter]

Voice networking is small communitiy networking


This is direct media path:

Allow Direct Media Path: Default = On
This settings controls whether H323 calls must be routed via the H323 gatekeeper (the IP Office) or can be routed alternately if possible within the network structure.

If enabled, H323 calls can take routes other than through the IP Office. This removes the need for a voice compression channel. Both ends of the calls must support Direct Media. Enabling this option may cause some vendors problems with changing the media path in mid call. Pre-IP Office 4.0, when using direct media path, it is not always possible for the extension to be recorded or monitored.

If disabled or not supported one end of the call, all call are routed via the IP Office.

On pre-4.0 these calls would then require a voice compression channel even if the IP devices use the same audio codec.

On IP Office 4.0 and higher, RTP relay support allows calls between devices using the same audio codec to not require a voice compression channel.




ACA - Implement IP Office
ACA - Voice Services Management
______________
Women and cats can do as they please and men and dogs should relax and get used to the idea!

 

[KevinBugg]

We have version 4.0.7 at 2 sites and version 4.0.10 in the US so does that make this recommendation invalid or not relevant?

 

[ProviderReborn]

Turn off DMP on these sites and re-test as suggested.

ACA - IP Office Implement
ACA - IP Telephony
CCENT - Cisco ICND1
CCNA - Working towards.

 

[ABCTELECOM]

I would also un-tick voip silence suppression in the voip properties of the extension in addition to direct media path, and use ulaw for the compression.

 

[mattKnight]

How are your VPNs set up.

Are they router to router?

Have you opened the UDP ports for the streams? (Ports 49152 to 53247)?

The call control appears to be ok, so I'd guess that the RTP streams aren't good.


Take Care

Matt
If at first you don't succeed, skydiving is not for you.

 

[KevinBugg]

I have removed the Direct Media Path entry for all sites and the telephone calls through voip are now much better. Thank you

However, By doing this, what problems is this going to cause if any? Will our phone call traffic now be heavier than before or slow down or create more traffic on our network? (please dont reply by copying from help and use that as an answer)

Thanks in advance

 

[ronromano]

Your welcome, we thank you for the stars. It will cause many, beware. I would like to tell you but I don't like to type. Cutting and pasting would be easier.

 

[tlpeter]

Copying from help is a good thing
It will you read the very very very good help that is within manager !!!

Unchecking direct meida path means that every call by ip needs a vcm channel
Every call from ip to trunk needs an vcm channel
When direct media path is checked you do not need that vcm channel
But in a way this is blocked and causes one way voice or no voice at all !!!

Use a packet sniffer if you are short on vcm channel to sort your problem


ACA - Implement IP Office
ACA - Voice Services Management
______________
Women and cats can do as they please and men and dogs should relax and get used to the idea!

 

[kurthansen]

lol @ ronromano

Reading in the help file gives some good info on this.... too bad I can copy and paste from it though.