Is it possible to port block VOIP traffic inside a VPN tunnel?

[nsantin]

Hi,

We are connecting to a BCM 200 3.6 using i2050 phones over a VPN connection through a Contivity 1010.

Works fine in North America.

However, when trying to connect from Brazil or India we only get 1 way speech (i2050 can "hear" but not "talk")

I have only seen this happening when traveling in those 2 countries so far.

This is the same behavior when port blocking a range of ports used by the upload VOIP traffic, however I though that all traffic would be going through the IPSEC tunnel port, so this doesn't quite make sense why this isn;t working. Or does the VPN tunnel still open up the same ports but just encrypt the traffic?.

Thanks for any clarification.

 

[biv343]

It is entirely possible to block certain ports over VPN tunnels, depending on the type of device that the tunnel passes through. It's worth taking a look at the VPN configuration before pulling out too much hair.

Another thing that could be happening is NAT over the tunnel. If they have conflicting networks at those sites, you can NAT the inbound/outbound traffic to make things appear to be separate networks from the perspective of the VPN concentrator. That would break your VOIP as well.

 

[nsantin]

Hi Biv343,

I'm confident its not a setup problem, the same laptops connect fine from North America, the issue only occurs when connecting via a Contivity Dial-Up VPN connections in Brazil or India.

I have recently read that VOIP is heavily regulated in these 2 countries, so Im assuming the ISP is indeed port blocking, regardless of the VPN.

Which raised the next question, anyone know if ports are modifiable, or is SIP used in 4.0? (I know it isn;t in 3.x)

 

[steeef]

but the ISP will never be able to modify or block ports INSIDE the VPN tunnel...