Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Setup VOIP without VPN 5

Status
Not open for further replies.

MichaelCullen

IS-IT--Management
Nov 7, 2002
94
GB
Hi

We have a 5610SW IP phone that normaly connects to our IPO406v2 on our LAN with no problems. Over the xmas Hols one of our directors wants to take this home and be able to recieve calls. The director has a basic router at home that doesn't support VPN and we have a Sonicwall 2040.

I have configured the phone with a static IP and the external IP of our sonicwall for the CallSV and the directors router IP for the Router setting.

Also on our sonicwall I have redirected port 1719 to the IPO

When I plug in the phone all it says is Discover and then the IP address

are there anyother ports that need to be opened to get this to work?

is there there anything extra I need to configure on the IPO?

Thanks

Michael
 
Setup a VPN-Tunnel!!
Many have tried but not seen anybody got it to work.

Greets Peter
 
Hmmmm

I think your right, i'll need a tunnel.

In theroy it should work as the sonicwall doesn't show the phone attempting to open up anyother ports.

However I think the problem is that the IPO is trying to get to the ip address of the phone rather than just returning the required data, if that makes sense.

I have allso configured the IPO with the internal address of the sonicwall

Thanks
 
After installing many vpn tunnels over the past 3 years as a cheap and inexpensive voice solution, my honest opinion is that it doesnt work well 90% of the time. There is to much latency which always seems to make for poor voice quality. Unfortunetly, there aren't to many other alternatives unless you spend the money for a dedicated data pipe for this purpose. Going through the internet is a bit unreliable and impossible to guarantee good voice quality. If you have no other option, give it a shot. One other thing you could try is doing a off-net forward the extension to line at the workers house, but you loose the ability of features and vmail at your finger tips.
 
Here's the problem with why it doesn't work. When the IP phone initially attempts to locate the IPO (on 1719 and 1720-VoIP RAS) it tells the PBX what extension it needs to be. If there's a problem or conflict, the phone will tell you and you can enter a new extension and password. All is fine up until right after that point.

The next step in the process is the PBX tells the phone to use "This IP" and "This Port" for communication. Unfortunately, the IP Office only knows its own IP, not its Public IP.

In the end, what happens is the phone does the initial setup at, say, 208.235.17.55 (random IP guys), then the IPO redirects it to 192.168.1.25, which of course doesn't exist on the public.

Nortel's VoIP solution works in this way for the VoIP Server, but not the phones. Avaya's Definity VoIP solution works for the phones, but not the server. And apparently the IPO works for the phones but not the server as well.

The only way I can see for this to work is to have an SOE or 412 (with 2 lan ports, one on the internet and one on the intranet) or for Avaya to have a place in the system programming for the user to input a "VoIP Public IP" for the system to broadcast to the phones.

Sorry guys, VPN is the only solution I can see for now until Avaya gets their heads out.

Hope this helps (as frustrating as it might be).

Kris
 
Thanks for that. now I understand what is going on.

so I guess a VPN will be needed then

Thanks for all your help

Michael
 
It would be nice so, if they can do something for it.

We do it with a Tadiran PABX but use a Coral sentinel.
This is Sesion border controler.

The IP-Phone i have i can put in almost every network and it comes up, use it many times to call my collegs also at the custemor side if im working there for 3 or 4 weeks.

Greets Peter

 
VoIP and NAT don't Mix stay well clear use VPN ! Or full private network.

ipo.gif
Umm anotherprivatebuild !!!
 
You know Big70, Tadiran have told us directly that you do not need the sentinel for one remote IP phone at one site.

That been said, it performs like a p.o.s with >1 phone at one site.
 
I'm looking to setup the same thing from my home to the office


I should be getting our 2040 in a few weeks and then i will get either a TZ170 or any other sonicwall with site to site VPN capabilities and then once the site to site link is created then the phone should find the IP Office with minor configurations for sound quality.


So i would get a sonicwall firewall at your bosses house and create a site to site link


Also call Sonicwall support for help or purchase support for your device's
 
I have a Netgear fvs 114 at my house, one at my boss' house and one here at the office. We both have 5610s and the thing works great. Yes, we do have quality issues, rarely, but for the price these work great. I know there are people laughing because I am not using pix 501s or some other big time vpn solution. SO WHAT, it took me about 20 minutes to make the thing work.

Try it, you'll like it.
 
That's the spirit ronromano! It doesn't have to be fancy and expensive, it just has to do the job.
A big STAR for you.
 
You get what you pay for i suppose. Pay half the price works half the time ?

sorry just kidding, where's my star ? hehe
 
Hi ronromano

Interested to hear you have a successful VOIP connection using the FV114 router, I am trying the same thing between a fv114 and fvx538 netgear router, but I cannot get past the point of the extension in use, I have deleted the extension and also added a new extension but still no luck, did you have to open any particular ports on the fv114?
 
Like I said , I am using 114s and don't have any experience withthe 538. At home I have dsl that is not static so I go to whatis my ip.com and get the public IP address Verizon has assigned me. Then I use this address in the office router. Did not do anything to the router other than setting the same setting for VPN on both sides (accept the other side's IP addresses)

My phone has worked for months at a time before the power goes out and my IP changes or my kids turn off the router or something.

You have to refresh my memory as I don't remember the exact point you get "extention in use", but as I recall it is just before the phone finally comes up.

To me it is a good sign that you get extension in use.I wanted my house to have ext 251 so I set it up in manager and logged it in at that point when I got it hope. Press the pound or whatever it is to move on and put in the extension number you want it to be.
 
My personal view is the 538 is causing the problem, I think I will try a VPN between two fv114 units.

On the remote end the IP assigments are 192.168.0.x and at the office end 10.0.0.x I can ping everything both ways via the VPN, email etc work, the phone gets the TFTP info, and in the office 406 unit it autocreates the extension but thats it.

The phone params I give it at present are the following

IP address = 192.168.0.3 (local remote IP address)
Call Serv = 10.0.0.200 (IP office address at office end)
Router 192.168.0.1 (local remote router)
TFTP server = 10.0.0.50 (TFTP server at offic end)

Is this similar to your setup?





 
I also have the phone set for DHCP.

Does the VPN work with remote desktop? I don't think it is a router issue because you are getting as far as extension in use so it is attempting to register with the IPO. Have a VOIP ext ceated in the config? IS all be ext and user stuff set for this new phone?

I just unplugged my phone and am at the "extension in use"
I press # and it asks me if 251 is what I want to use. It is so I press # again. It asks for password and I hit # again. It asks to unregister user and I hit # for yes and I am logged in.

I always set my users up as hot desk and I am wondering if this has something to do with it.

Always leave allow direct media path unchecked although this has always just affected the voice path.

I have to say that for the money these netgears have served me well.
 
I am using a Netgear FVS318. One at Office and one here. Setup VPN on the Netgears, and my 5420IP phone works great.

every now and then when I reset my router, my Phone will say Ext. in use. I simply unplug the IP Phone and plug it back in and it comes up fine.

I stay away from the DHCP method and have a static address assigned to the IP phone.
 
One thing that leads me to think it is the FVX538 is that within the diag page of this router it fails to ping the remote router although I can ping the remote router from any other PC on the office LAN that is connected to the 538 unit.

On the IP office if I run SYS log when I connect the remote phone I can see it trying to register but the IP office reports no response when it tries to talk to the IP phone.

Looking on the netgear forum there does seem to be a lot of people having general problems with the 538 which makes me think it may be the issue, later this week I will try a FV114 unit instead of the 538 and see what happens, will keep you posted as to the outcome.

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top