VPN issues VPN issues colec12 (TechnicalUser) (OP) 14 Sep 20 17:16 We are currently using some soft phones to work remotely. Avaya 6.2 and Cisco any connect VPN. The issue is one way audio and we were told this was by design and this how the vpn works. RE: VPN issues phoneguy55 (Programmer) 14 Sep 20 18:05 You were told wrong. I have ten's of thousands of users using softphone + Cisco VPN. Your issue is the UDP ports on page 1 of your network region form aren't open on your firewall. RE: VPN issues DAVIDPAYNE (IS/IT--Management) 15 Sep 20 12:11 Let me get this straight, someone told you that VPN is one-way? Hope that was not your network engineer. I agree with “Phoneguy55”, this sounds like a port issue. RE: VPN issues SharkySeph (TechnicalUser) 15 Sep 20 12:50 I've also run into the issue where traffic between endpoints can't route appropriately, rather than port configuration/allowance. Make sure that from the soft phone PC they can ping whatever other endpoint is involved in the call (DSP Resource, phone, gateway where PRIs land, etc.). RE: VPN issues Sean655 (TechnicalUser) 15 Sep 20 13:48 I ran into an issue with one-way audio between softphone endpoints and got around it by turning off IP shuffling. That could be something else you may see. RE: VPN issues gwebster (Vendor) 15 Sep 20 14:22 Typically, VPN tunnels by default do not allow packets to flow directly to another VPN tunnel. That will cause loss of audio if direct media is enabled. RE: VPN issues dialtonebone (TechnicalUser) 17 Sep 20 21:18 This will likely come down to having to understand your firewall rules (work with your network engineers, not against them... even if they can't do the same) and understanding the ip-network-region configurations in your system. Obviously, connection to PROCR or a CLAN (unpreferred) is needed for h323 registration. After that you need to understand where the RTP packets are flowing. Hopefully all your VPN endpoints are 'captured' by an IPNR meant for these people. Once you have them all grouped you can give them all rules such as no direct media, or direct media only to certain offices etc. Also, troubleshooting the -now-... get a 1 way call up, do a "status station" and look at the media path. Screen shot that then work with your firewall people to establish that the path is valid for RTP packets. A list trace will also provide similiar data, but the status station during an active call will be a little easier to read. RE: VPN issues dialtonebone (TechnicalUser) 17 Sep 20 21:18 Also, you MUST get rid of the h225 and h323 ALGs/layer 4 firewalls. They will cause problems almost always.