IPO VOIP Issue over IPSec VPN

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • sbhano
    Whiz
    • Nov 2014
    • 38
    #1

    IPO VOIP Issue over IPSec VPN

    Dear All,
    Facing Issue with Voice over IP sec VPN tunnel.

    IPO Server Edition, Primary Server at HO and 500v2 (Expansion) at RO. Site connectivity between HO & RO, with IPSec VPN.

    Problem is when i am calling from HO to RO or vise versa. I am getting no audio just blank.
    checked the monitor traces. Something wrong with RTP ports. I am attaching the traces, It will be helpful if somebody point me in right direction.

    Thanks


    14:32:12 4269731mS CMLineTx: v=17
    CMFacility
    Line: type=IPLine 17 Call: lid=0 id=1007 in=0
    IE CMIEPrimitiveData (7)
    14:32:12 4269732mS CMLineTx: v=17
    CMFacility
    Line: type=IPLine 17 Call: lid=0 id=1007 in=0
    IE CMIERespondingPartyName (228)(Type=CMNameDefault) name=Agent 700
    IE CMIERespondingPartyKName (229)(Type=CMNameDefault) name=RAKESH LEKHAK
    IE CMIERespondingPartyNumber (230)(P:100 S:100 T:101 N:100 R:4) number=700
    IE CMIEDeviceDetail (231) c0a8668b000003ed LOCALE=ind HW=15 VER=10 class=CMDeviceSIPPhone type=151 number=1 channel=0 features=0x20110020 rx_gain=32 tx_gain=32
    ep_callid=1005 ipaddr=192.168.102.139 apps=0 loc=0 em_a_loc=0 em_d_loc=0 features2=0x2 is_spcall=0 ignores_dtmf=1 avgsid=
    14:32:12 4269734mS H323Evt: SESS 3 SetOperational local 192.168.102.139:0 remote 0.0.0.0:0 to 0
    14:32:12 4269734mS H323Evt: SESS 3 Configure: Alaw64K packet size 160
    14:32:12 4269734mS H323Evt: SESS 3 SetRemUDP 0 -> 41064, remote IP 0.0.0.0 -> 192.168.1.202
    14:32:12 4269734mS H323Evt: SESS 3 SetRfc2833: (1) rx payload 101 tx payload 101
    14:32:12 4269735mS CMMap: PCG::MapBChan pcp[154]b0r1 cp_b 0 other_cp_b 0 type CGTypeSimple
    14:32:12 4269735mS H323Evt: SESS 4 SetOperational local 192.168.102.139:0 remote 0.0.0.0:0 to 0
    14:32:12 4269735mS H323Evt: SESS 4 Configure: Alaw64K packet size 160
    14:32:12 4269735mS H323Evt: SESS 4 SetRemUDP 0 -> 5016, remote IP 0.0.0.0 -> 192.168.102.135
    14:32:12 4269735mS H323Evt: SESS 4 SetRfc2833: (1) rx payload 101 tx payload 101
    14:32:12 4269736mS CMMap: PCG::MapBChan pcp[153]b0r1 cp_b 0 other_cp_b 0 type CGTypeSimple
    14:32:12 4269736mS CMMap: PCG::MapBChan cp RTP local 192.168.102.139:46752 remote 192.168.102.135:5016 , cp_other RTP local: 192.168.102.139:46750 remote 192.168.1.202:41064
    14:32:12 4269736mS CMMap: PCG::MapBChan cp oob 0 rfc_2833 1 , cp_other oob 0, rfc_2833 1, cp behind_nat 0 cp_other behind_nat 0
    14:32:12 4269736mS PRN: rtpRelayFilter ioctl(open) rc: 0 rtpRelayId: 1
    14:32:12 4269736mS CMMap: PCG::MapBChan rtpRelay Open got rtpRelayId: 1
    14:32:12 4269736mS PRN: rtpRelayFilter configure rc: 0 rtpRelayId: 1
    14:32:12 4269736mS CMMap: PCG::MapBChan rtpRelay Configure success rtpRelayId: 1
    14:32:12 4269736mS CMMap: PCG::MapBChan rtpRelay Start success rtpRelayId: 1
    14:32:12 4269736mS CMMap: pcp[153]b0r1 rtpRelayId: 1 SetRTPFilterState RTPFilterPaused(2) -> RTPFilterStarted(1)
    14:32:12 4269737mS CMMap: pcp[154]b0r1 rtpRelayId: 1 SetRTPFilterState RTPFilterPaused(2) -> RTPFilterStarted(1)
    14:32:12 4269737mS H323Evt: SESS 4 SetOperational local 192.168.102.139:46752 remote 192.168.102.135:5016 to 1
    14:32:12 4269737mS H323Evt: SESS 3 SetOperational local 192.168.102.139:46750 remote 192.168.1.202:41064 to 1
    14:32:12 4269741mS SIP Rx: TCP 192.168.102.135:60608 -> 192.168.102.139:5060
    ACK sip:[email protected]:5060;transport=tcp SIP/2.0
    From: sip:[email protected];tag=-298fdc10592be423-7e114958_F700192.168.102.135
    To: <sip:[email protected]>;tag=5154d8a57ab7b3c5
    Tags: None
  • heuve
    Aspiring Member
    • May 2017
    • 1
    #2
    1) Are you sure RTP ports are open between the sites? This could be a router/firewall problem? Maybe you can WireShark at some points in the network?
    2) Actually it might be interesting to see the SDP part of the ACK message. And maybe also the SIP 200 OK.
    3) Any device in the route that could make modifications to the RTP packets?
    4) Does it work without VPN?

    Best regards,
    Rene

    Comment

    • sbhano
      Whiz
      • Nov 2014
      • 38
      #3
      Hi,

      Thanks for replying
      Actually it was on P2P 1st and everything was fine, than customer wanted to move it to VPN and problem started.
      I think RTP ports are getting block somewhere, I checked with ISP they confirm about RTP ports being open. they are using sophos UTM, i think firewall is blocking some thing .. !!

      Comment

      • king235
        Aspiring Member
        • Nov 2016
        • 1
        #4
        VPN is the issue

        I had to setup the vpn for single phase to resolve this same issue.

        Comment

        • iwebber
          Member
          .
          • May 2014
          • 3
          #5
          Check things like the protected subnet in the VPN devices, it is probably not including the phones at the main site.
          Alternately try temporarily disabling Direct Media for the remote phones, that is not a real fix but may work around the VPN setup issues.

          And as others have commented make sure that the UDP range for RTP is not being blocked.

          Comment

          Previous template Next
          Loading