Contact US

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

VPN issues

VPN issues

VPN issues

We are currently using some soft phones to work remotely. Avaya 6.2 and Cisco any connect VPN. The issue is one way audio and we were told this was by design and this how the vpn works.

RE: VPN issues

You were told wrong. I have ten's of thousands of users using softphone + Cisco VPN. Your issue is the UDP ports on page 1 of your network region form aren't open on your firewall.

RE: VPN issues

Let me get this straight, someone told you that VPN is one-way? Hope that was not your network engineer.
I agree with “Phoneguy55”, this sounds like a port issue.

RE: VPN issues

I've also run into the issue where traffic between endpoints can't route appropriately, rather than port configuration/allowance. Make sure that from the soft phone PC they can ping whatever other endpoint is involved in the call (DSP Resource, phone, gateway where PRIs land, etc.).

RE: VPN issues

I ran into an issue with one-way audio between softphone endpoints and got around it by turning off IP shuffling. That could be something else you may see.

RE: VPN issues

Typically, VPN tunnels by default do not allow packets to flow directly to another VPN tunnel. That will cause loss of audio if direct media is enabled.

RE: VPN issues

This will likely come down to having to understand your firewall rules (work with your network engineers, not against them... even if they can't do the same) and understanding the ip-network-region configurations in your system.

Obviously, connection to PROCR or a CLAN (unpreferred) is needed for h323 registration. After that you need to understand where the RTP packets are flowing. Hopefully all your VPN endpoints are 'captured' by an IPNR meant for these people. Once you have them all grouped you can give them all rules such as no direct media, or direct media only to certain offices etc.

Also, troubleshooting the -now-... get a 1 way call up, do a "status station" and look at the media path. Screen shot that then work with your firewall people to establish that the path is valid for RTP packets. A list trace will also provide similiar data, but the status station during an active call will be a little easier to read.

RE: VPN issues

Also, you MUST get rid of the h225 and h323 ALGs/layer 4 firewalls. They will cause problems almost always.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close