Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IP phone on VPN one way audio 2

Status
Not open for further replies.

BerettaGuy

IS-IT--Management
Aug 14, 2023
33
US
Ok so I'm struggling with this one because I can never find any sign of anything being blocked or not making a connection in logs and this should be the easiest remote phone out there.

I have a IPSec VPN from one site to another utilizing a SonicWall NSA2700 and TZ470W devices. This VPN has been up and running for years now and every other service has been basically flawless, or as flawless as it can be at the limits of our internet speeds.

The issue I'm having is the one IP phone (J179) at this remote location, when calling an extension local to here, where the IP Office is located to another IP phone, there is one way audio. I can hear them talking but they can't hear me. However, if they hang up and repeat that 2 more times typically on the third attempt you can hear audio in both directions. I have no clue what I could be missing on this configuration to make this work. To add to the mix, that remote phone was able to identify and connect to the IP Office when I deployed the last software version update, 11.1.2.4 I honestly wasn't sure if it was going to be able to connect and receive the update, but it did without issue and that IP Phone is at the latest firmware, 4.1.1.0.7

DHCP is handled locally by the TZ470W, it's on a different subnet than local here, but that subnet is in a trusted location. It shows up in the Avaya SIP Endpoint list just like any other local J179, with it's IP address. Only the fully external phones show a Private IP address.

If I ping the phone from System Status, 3 will send and 3 will be lost, if I do it multiple times back to back I eventually get some response not all 3... almost like the three call attempts it eventually works. If I do a standard ping from a command prompt I get 4 sent 4 replies with a average 64ms response time.

Any insight or ideas to try would be greatly appreciated.
 
I think I found the issue. I have SSO setup on both firewalls and I did not realize that you need to configure address objects for devices you want to bypass on both firewalls to allow them to work properly. All I did was add the IP address of the IP Office to an SSO Bypass group on the remote firewall and now I get 3 ping's and replies.

The reason why I did this was the System Log showed a SSO Agent returned error right around every time I tried to ping the phone from System Status, and it was referencing the IP Office address.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top