1. Home
  2. Voice-Over-IP
  3. connection from ip phone at work to ip phone on client

connection from ip phone at work to ip phone on client

Hi,

At work there's a Cisco callmanager server. I connect from home to work using VPN. I have a Cisco ip phone at home. When my VPN is up, I can call anybody at work. They can hear me, but I cannot hear them. If I'm correct, ip phones talk to each other directly after a call is set up. I suspect my client side is blocking incoming ip traffic which tries to initiate a connection to my ip phone.

LAN at work: 192.168.1.x LAN at home: 192.168.20.x (wireless) Ip phone is directly connected to my computer on a separate subnet at.

192.168.21.4 VPN client ip: 192.168.1.32

ICS is turned on, on my VPN interface. IP routing in Windows XP is enabled. Windows Firewall is off. Gateway 192.168.1.1 at work has a static route (send 192.168.21.4 to

192.168.1.32). I somehow need to allow connections coming from my VPN interface to the 192.168.21.x subnet. Can this be done?

thanks. Arne

Reply to
beheer
Loading thread data ...

They do if they are set up that way. They can also keep any number of intermediate proxies "in the loop". That obviously adds delay and isn't as desirable.

Well my first guess would be that work doesn't know how to route to

192.168.21.4. Can you ping that address from the phone (or a computer that is put on the same network as the phone)?

In general, you really want real routeable IP addresses all the way around. If not, you have to make sure everybody's routing table has routes for all the involved private networks, and none of them conflict with other private nets that other folks are using.

-wolfgang

Reply to
Wolfgang S. Rupprecht

That's usually question of opening the right ports on your computer. You may need to open 5060, 5004, 5082, 3478, 3479, 8000, and 10000 if Stun is needed. Regards, Martin

Reply to
Martin²

All computers and ip phones at work have 192.168.1.1 as default gateway. On the default gateway I've made a static route (192.168.21.4/255.255.255.255 to 192.168.1.32 on the LAN interface) I can't ping my phone from work. I tried to ping directly from the gateway to my phone. Also doesn't work. I tried a packet sniffer on my computer. I don't see any packets when pinging. I suspect Windows is blocking because I think it's like trying to reach a local computer directly from the internet.

Other options:

- when my phone is used, the call manager server should act as a proxy (I can't find any settings to do that)

- my phone is known to the call manager server as 192.168.21.4. If I could somehow translate the return packets to 192.168.1.32, then I think it would work. I would forward the packets coming in on

192.168.1.32 to 192.168.21.4

- do some kind of NAT on my computer so that my phone identifies itself as 192.168.1.32

All looks complicated, if feasible at all.

Reply to
beheer

Sounds ok, so far.

Ah, I didn't realize you are NAT-ing the phone? I don't know anything about MS software, but isn't there some way to turn off the NAT? You really don't need it or want it. Straight routing would remove quite a lot of issues.

NAT-ing voip's SIP (control) and RTP (voice data) packets requires more work in the NAT than just slapping a new IP address in the IP header. There are copies of the IP address in the data part of the SIP packet that needs to be translated too. NAT can be made to work, but only if you have the right kind of NAT and some external help from a STUN server. If you can turn off the NAT you save yourself a world of hurt.

When you hit a brick wall, walk around it. ;-) Change the rules of the game.

-wolfgang

Reply to
Wolfgang S. Rupprecht

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.