INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

Site-to-site VPN with IP phone at remote site and IP Office at host site
2

Site-to-site VPN with IP phone at remote site and IP Office at host site

Site-to-site VPN with IP phone at remote site and IP Office at host site

(OP)
I've had a site-to-site T1 configured for a remote office for a while now. Since it was a dedicated T1 from remote to host site I was on the same subnet and IP range and had no problems getting Avaya IP phones at the remote site to connect to my IP Office at my host site. This week I've replaced the T1 with a site-to-site VPN tunnel using a Cisco ASA 5500 at my host location, and a Cisco RV320 at my remote.

It's up and running and everything is working exactly as expected, with the exception of my IP phones. Here's the tunnel configuration before I go into the problem:

Host Site: 192.168.200.0/24 (IP office address is 192.168.200.200)
Remote Site: 192.168.0.0/24 (Avaya phone address is 192.168.0.48, everything else points to IP Office ip address)

From either site, I can ping any address on the other site no problem, with the exception of my IP Office. When I'm at the remote site, I CAN NOT ping my ip office's IP address. It's the ONLY device I can't ping from my remote network and I have no clue why. At first I thought it was the remote sites vpn router config but then I got to thinking it might be the IP Office since it's the only device I can't ping from the remote network.

Do I need a route or some type of configuration on my IP office for this to work? I configured my remote IP phone with an address from the subnet it's on and then pointed the SALL SERVER and ROUTER addresses to the IP office on the host network, but when the phone tries to initialize I get a BAD ROUTER error.

RE: Site-to-site VPN with IP phone at remote site and IP Office at host site

You are missing an IP route in the IPO to the VPN router.

The truth is just an excuse for lack of imagination.

RE: Site-to-site VPN with IP phone at remote site and IP Office at host site

(OP)
There's only one route configured, and it's not even on the same subnet (I think it's a default route). It is as follows:

IP: 192.168.99.0 (I don't have anything in that IP range)
Mask: 255.255.255.0
Gateway: 0.0.0.0
Destination: Remote Manager


I'm assuming I create a new route to the remote VPN router (IP is 192.168.0.1). Gateway would be my host network gateway that the IP Office is on?

RE: Site-to-site VPN with IP phone at remote site and IP Office at host site

(OP)
Ok I created a route as follows:

IP: 192.168.0.0
Subnet: 255.255.255.0
Gateway: 192.168.200.1 (gateway of host network where IP Office resides)
LAN1
Metric 0

NOW I can ping my IP office from my remote network! I reset the phone but its telling me there is a subnet conflic now. It's setup as follows:

IP: 192.168.0.49
Call Server: 192.168.200.200
Router: 192.168.200.200
Mask: 255.255.255.0


Is that Route ideal? I don't understand why there's a subnet conflict

RE: Site-to-site VPN with IP phone at remote site and IP Office at host site

Your router is wrong.

It needs to be in the 192.168.0.0 subnet

Take Care

Matt
I have always wished that my computer would be as easy to use as my telephone.
My wish has come true. I no longer know how to use my telephone.

RE: Site-to-site VPN with IP phone at remote site and IP Office at host site

(OP)
That did it!!! Thank you so much!

RE: Site-to-site VPN with IP phone at remote site and IP Office at host site

I am glad to see that given a hint but not holding your hand you were able to get it to work. The IP route is a very commonly missed thing (I have done it myself plenty).

The truth is just an excuse for lack of imagination.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close