Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Remote IP VPN setup for 4610

Status
Not open for further replies.

SJCA53

Technical User
Jan 18, 2008
37
US
We are testing remote IP extensions. Our vendor tech had me set up the IP extensions (2 of them)on our 412 controller, then connect the IP phones in the office and program the settings for internal connection and it connected correctly and recognized the extension. We left the port at the default, and edited the rest of the settings to match the IP addresses for the controller, the phone itself and the file server, and put in the correct VLAN.

Then I took the phone home. I have a Linksys BESFX41 router. IPSec is enabled. I can connect to the VPN at work through that router from a company laptop with no issues.
I plugged the IP phone into the router at home, and it went through the connection routine. When it asked me to press * to program, I did so. Per the tech’s directions, the only setting I changed was the router IP – I put in the Public IP for the firewall our VPN routes through, which is what the tech said to do. That didn't work, so I tried the Public IP for the router in that location. that didn't work either. The tech also admitted he hasn’t really done this particular setup before. The firewall and router for VPN access are not in the same office as the controller the extension is set up on. The controller, file server and phone ip are on a different subnet than the data center. We have an MPLS WAN that connects all of our sites.

What am I missing here? Will this even work? Our vendor does not have a lot of experience in this, so we are trying to sort it out for ourselves. From the other postings I’ve seen, it doesn’t sound like it will work without going through some serious hoops.
Any assistance would be really appreciated
 
The router address should be that of the Ip Office, as should the call server :)

ACS - IP Office Implement

"I'm just off to Hartlepool to buy some exploding trousers
 
With a VPN the handset is effectivly on the LAN at the site where the VPN terminates, so it should be setup as though it was there i.e in the office with the router :)

ACS - IP Office Implement

"I'm just off to Hartlepool to buy some exploding trousers
 
Should have added if the routing isn't in place for the phone to work as if it was plugged in in the data centre, it will not work through the VPN, also all the ports the phone needs to work ned to be open both in the VPN connection and between the system and the data centre over the MPLS.

ACS - IP Office Implement

"I'm just off to Hartlepool to buy some exploding trousers
 
Well, the controller and the VPN router are not on the same LAN, so it sounds like this won't work the way we want to do it.
Which ports in particular? That was one piece I was trying to determine.
Thx

SJenkins
System Specialist
 
UDP 1718 H.323 H.323 Discovery
UDP 1719 H.323 RAS H.323 Status. VoIP device registering with the IP Office.
UDP 1720 H.323/H.245 H.323 Signalling. Data to a registered VoIP device
UDP 49152-53247* RTP/RTCP Dynamically allocated ports used during VoIP calls for RTP and RTCP traffic. The port range can be adjusted through the System | Gatekeeper tab.
UDP 69 TFTP File requests to the IP Office.

are the main ones :)

ACS - IP Office Implement

"I'm just off to Hartlepool to buy some exploding trousers
 
Remote site is connected through VPN tunnel, then yes the phone is "essentially" on the same network as the IP Office, but still on a different subnet. Being on a different subnet requires that the IP Address, Subnet mask and Default Gateway (or in the case, router) be set up to work on the local subnet, meaning the router address should be the Linksys. You only need to hard code the Call Server (the IP Office) and File server (whatever's got TFTP running) on the phone, let it pick up the rest from DHCP.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top