Billy gareth) 2012-07-13 02:20:00
Just wondering if someone could help me out here.
We have a client with SBS 2003 who has just signed off on a new IP Phone
system. They have the main office where the server and phone central unit are
located and a remote office with an IP phone that needs to connect back to
the main unit through the Net.
We provided the phone guys with all of the network info they requested and
were told that all we need to do was “setup a VPN tunnel” between the Linksys
routers (RVS4000) at both locations for the voice traffic.
We did that as requested only to find that while the device to device VPN
tunnel was connected and OK, the remote phone was not able to communicate
with the main phone system. Upon investigation we found that they had
actually configured the phone main unit on the INSIDE subnet (server is
multihomed) not the outside which was our understanding. Hence the reason the
remote phone not talking to the central unit.
We have configured all of the port forwarding on the two routers and in RRAS
on the server so that the relevant ports are being forwarded from the remote
phone to the router at the main office and then onto the external nic on the
server and then through to the main unit on the inside.
The remote phone still can’t connect to the main unit though. IPSEC VPN
tunnels are good and we can ping the remote router and remote phone from the
inside LAN at the main office. From the remote office we can ping the
external nic on the server so we know that it is getting that far.
I as far as I can see, all of the port forwarding is done correctly through
the routers and RRAS but still no luck. I even tested it by PF port 80 to one
of the NAS drives and it worked fine. So where is the problem? Have we missed
something? Some advice is that it may be a configuration issue on the phone
central control especially if they “thought” that they were putting it on the
OUTSIDE range. I have had them check this and it seems OK.
Is there anything else that we can do to ensure that we have done all that
Would setting up a static route on the Linksys router at the server work?
We could remove the DMZ on the server so that there is no 2nd NIC but surely
it can be done without doing this.
So the question is Is is possible to connect an IPSEC VPN tunnel between the
SBS 2003 and the Linksys router at the remote office? If so, how do we do
this as we have tried everything that would seem obvious?
Some advice says “Yes, just do this then that” (We have done this then that
with no luck)
Others say “It won’t work with 2 NICS, goto 1 NIC”
IP phone 192.168.1.150
Server external nic: 192.168.0.1
Server internal nic: 10.0.0.1
Phone system : 10.0.0.50
Would appreciate any suggestions.