VPN/Voice Issue

Unanswered Question
Jan 21st, 2008

I just posted this previous question in the wrong forum. This is a repost..my apologies

Here is the problem I am experiencing.

I have two locations, each with multiple subnets.

Each of these locations has a vlan for IP phones and a vlan for the Cisco Call Manager.

The lan to lan tunnel with an Asa5520 and an asa5505 comes up and works fine. I can ping from any subnet to any subnet just fine.

However, the voice traffic has problems.

The call managers will set up the traffic and ring the end stations but there will be no audio.

For troubleshooting purposes, I have moved some phones into the vlans where the call managers sit and these phones have no problem placing phone calls. There are NO audio problems whatsoever.

I can then do an extended ping from one end of the network to the other using the phone vlan interfaces on the layer 3 switch and after that I am able to succesfully place calls

It's just when the phones sit in a different vlan than the call manager that these problems occur...unless I perform the extended ping.

Making it worse is that the existing ip structure has 172.17 and 172.27 addressing on both sides of the network making supernetting difficult.

I have tried different code levels and this does not seem to make a difference.

TAS has said the config looks ok so I am left scratching my head.

Has anyone seen anything like this ?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Anonymous (not verified) Fri, 01/25/2008 - 10:57

I had experienced intermittent audio problem. Reflashing and re-uploading the configuration fixed the issue. Check if this helps you.

pcanters Fri, 01/25/2008 - 11:04

At this point in time the TAC thinks that there is a new bug that is causing this problem.

Thanks for the response

Bikramjit Majumdar Sun, 01/27/2008 - 12:26


I am assuming that after connecting through S2S vpn, you can able to ping the ip address of callmanager anf the ip addresses of both the ip phones. If so, could you please take a packet capture while trying to place a call over the vpn and then sheck.

I think it is a routing issue and any how it is unable to route the audio traffic (RTP) which required some UDP ports, not sure about the numbers.

Hope that helps!!

*Rate the post, if helpful*


pcanters Mon, 01/28/2008 - 06:00

We are able to ping the call managers and the IP phones on both sides.

Cisco VOIP uses RTP which is UDP ports 16384-32767.

We have a two SA statements on either side of the LAN to LAN tunnel. The first SA triggered by the Call Managers doing call setup works fine.

The second SA which is the RTP phone session does not work so well.

It keeps getting stuck in a corrupted state which only can be fixed with a reboot.

This does not appear to be a routing issue.

We still are not sure what the answer is.

Has anyone else seen this or had any experience with this ??


This Discussion