Hi,
We have configured our IP Office 500 v2 to allow remote extensions for three users to connect remotely to it without the need of a VPN.
We have three extension numbers for the remote users - 2246 (1616i handset), 2247 (9620 handset) and 2248 (9620 handset). The first two extensions are in Remote Office 1 and do not work. The 2248 extension is in Remote Office 2 and works perfectly. There are no VPNs between the Remote Offices and Head Office. Both Remote Offices connect to the Internet through Draytek 2830 routers.
The handsets that do not work show "Discover <WAN IP of Avaya Base Unit>". All handsets are programmed the same in that the only item entered is the call server address and the subnet mask of 255.255.255.0. All other network settings are set to 0.0.0.0. All handsets are receiving valid DHCP settings. We have cleared and reconfigured the handsets several times trying both static and DHCP addressing.
All users are set up correctly and I can log in as any of them on the handset that does work and everything is fine.
In System Monitor we can see the 2246 and 2247 handsets trying to connect in the logs:
1193667592mS H323Evt: Recv GRQ from c3a69b80
1193667593mS H323Evt: e_H225_AliasAddress_dialedDigits alias
1193667593mS H323Evt: found number <2247>
1193668481mS H323Evt: Shared tcp socket for line 20 disconnected
1193669520mS H323Evt: IRCheckTimer: GRQ record deleted (user name=; extn-num=2247)
And for the 2248 we get:
1193728072mS H323Evt: Recv GRQ from 50e5e9ea
1193728072mS H323Evt: e_H225_AliasAddress_dialedDigits alias
1193728073mS H323Evt: found number <2248>
1193728144mS H323Evt: Recv: RegistrationRequest <Remote Office 2 WAN>; Endpoints registered: 5; Endpoints in registration: 0
1193728144mS H323Evt: e_H225_AliasAddress_dialedDigits alias
1193728145mS H323Evt: found number <2248>
1193728145mS H323Evt: RRQ --- CallSigProtocol is H323AnnexL_P. Go for Avaya 4600IP phone
1193728145mS H323Evt: RRQ --- Treat this as a forced login, the phone was probably rebooted (same_cs_addr 0)
1193728145mS H323Evt: GK: Unregister endpoint <system>_5a786c74306073a4 for extension 2248
1193728148mS H323Evt: GK: Send URQ
1193728149mS H323Evt: RRQ --- Register extn 2248 using product IP_Phone, version 3.103S
1193728149mS H323Evt: <2248> registered, ipo behind nat 1, phone behind nat 1
We use a Draytek 3900 firewall in Head Office, and have opened ports 1719 UDP, 1800 TCP (tried 1720 as well but were advised to use 1800) and 49152-53246 for TCP/UDP and have restricted access to these ports for both static WAN addresses of the Remote Offices.
We can see in the logs in the Draytek 3900 that handsets in Remote Office 1 try to connect to port 1719 from a variety of legitimate ports in the range for approximately 30 seconds before trying the next port up in the range. So we can see them connecting from Remote.Office.1.WAN:50204 then 50205, 50206 etc. From the handset that successfully connects from Remote Office 2, it shows an established connection to port 1800 on the Avaya Base Unit.
On the base unit we use LAN1 to connect to our main office network with IP address 10.1.0.20, and LAN2 for the phones, on its own VLAN, with a 10.10.11.1 IP address acting as a DHCP server. STUN works on LAN2 and returns "Port Restricted Cone NAT". We have an IP route of 0.0.0.0 on LAN2 with the gateway set as 10.10.11.254. We also have four other Avaya IP phones across the Head Office LAN and they all work fine. The rest of the phones are digital. We also have plenty free licenses.
Anyone have any ideas why the Remote Office 1 handsets won't connect?
Many thanks,
Jim.
We have configured our IP Office 500 v2 to allow remote extensions for three users to connect remotely to it without the need of a VPN.
We have three extension numbers for the remote users - 2246 (1616i handset), 2247 (9620 handset) and 2248 (9620 handset). The first two extensions are in Remote Office 1 and do not work. The 2248 extension is in Remote Office 2 and works perfectly. There are no VPNs between the Remote Offices and Head Office. Both Remote Offices connect to the Internet through Draytek 2830 routers.
The handsets that do not work show "Discover <WAN IP of Avaya Base Unit>". All handsets are programmed the same in that the only item entered is the call server address and the subnet mask of 255.255.255.0. All other network settings are set to 0.0.0.0. All handsets are receiving valid DHCP settings. We have cleared and reconfigured the handsets several times trying both static and DHCP addressing.
All users are set up correctly and I can log in as any of them on the handset that does work and everything is fine.
In System Monitor we can see the 2246 and 2247 handsets trying to connect in the logs:
1193667592mS H323Evt: Recv GRQ from c3a69b80
1193667593mS H323Evt: e_H225_AliasAddress_dialedDigits alias
1193667593mS H323Evt: found number <2247>
1193668481mS H323Evt: Shared tcp socket for line 20 disconnected
1193669520mS H323Evt: IRCheckTimer: GRQ record deleted (user name=; extn-num=2247)
And for the 2248 we get:
1193728072mS H323Evt: Recv GRQ from 50e5e9ea
1193728072mS H323Evt: e_H225_AliasAddress_dialedDigits alias
1193728073mS H323Evt: found number <2248>
1193728144mS H323Evt: Recv: RegistrationRequest <Remote Office 2 WAN>; Endpoints registered: 5; Endpoints in registration: 0
1193728144mS H323Evt: e_H225_AliasAddress_dialedDigits alias
1193728145mS H323Evt: found number <2248>
1193728145mS H323Evt: RRQ --- CallSigProtocol is H323AnnexL_P. Go for Avaya 4600IP phone
1193728145mS H323Evt: RRQ --- Treat this as a forced login, the phone was probably rebooted (same_cs_addr 0)
1193728145mS H323Evt: GK: Unregister endpoint <system>_5a786c74306073a4 for extension 2248
1193728148mS H323Evt: GK: Send URQ
1193728149mS H323Evt: RRQ --- Register extn 2248 using product IP_Phone, version 3.103S
1193728149mS H323Evt: <2248> registered, ipo behind nat 1, phone behind nat 1
We use a Draytek 3900 firewall in Head Office, and have opened ports 1719 UDP, 1800 TCP (tried 1720 as well but were advised to use 1800) and 49152-53246 for TCP/UDP and have restricted access to these ports for both static WAN addresses of the Remote Offices.
We can see in the logs in the Draytek 3900 that handsets in Remote Office 1 try to connect to port 1719 from a variety of legitimate ports in the range for approximately 30 seconds before trying the next port up in the range. So we can see them connecting from Remote.Office.1.WAN:50204 then 50205, 50206 etc. From the handset that successfully connects from Remote Office 2, it shows an established connection to port 1800 on the Avaya Base Unit.
On the base unit we use LAN1 to connect to our main office network with IP address 10.1.0.20, and LAN2 for the phones, on its own VLAN, with a 10.10.11.1 IP address acting as a DHCP server. STUN works on LAN2 and returns "Port Restricted Cone NAT". We have an IP route of 0.0.0.0 on LAN2 with the gateway set as 10.10.11.254. We also have four other Avaya IP phones across the Head Office LAN and they all work fine. The rest of the phones are digital. We also have plenty free licenses.
Anyone have any ideas why the Remote Office 1 handsets won't connect?
Many thanks,
Jim.
