Newbie Needs Help Please - VoIP and VPN

Unanswered Question
Feb 6th, 2009

Hello,

I have a question about some voip/vpn configuration. I've got two sites that have 1760 routers with fxo/fxs cards that are going to be tieing the two phone systems together with a couple of voip trunks. These are secondary devices on the network with no data traffic or real LAN even, but addressed with a 2nd wan ip on the fa 0/0 port. The only traffic going through these routers is voice/voip.

My question is about this voip setup with vpn. First off, should I or shouldn't I, or even can I? If I configure a site-to-site vpn connection, will the voip traffic pass over that? How would I set up a VPN tunnel for only the fxo/fxs cards with no "LAN" behind it? Is there a need to have a vpn? Any benefits to sending the voip data across vpn, other than the obvious encryption of the "call"?

The thing is, I've only setup a VPN with Cisco a few couple of times, and once was from a pre-configured script I found and the other was from some software called SDM. I've only known about setting up VPN's for connecting the LAN behind router A to the LAN behind router B. This setup has NO LAN. The only interfaces are the fa 0/0 (getting static wan ip), and the fxo and fxs cards handling the voice. I have no clue on how to configure a site-to-site VPN for this, or if I even can, or if I should.

The next two replies will have my voip configuration as it sits on the bench in testing; I have both fa 0/0 interfaces connected to the local LAN just for a connection and testing, but each will later be getting it's own static WAN IP on the fa 0/0 interfaces:

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
sandman420 Fri, 02/06/2009 - 06:32

SITE 1:

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname SITE 1

!

boot-start-marker

boot-end-marker

!

enable secret XXX

!

no aaa new-model

voice-card 2

!

voice-card 3

!

ip cef

!

interface FastEthernet0/0

ip address 192.168.254.30 255.255.255.0

speed auto

no shutdown

!

no ip http server

no ip http secure-server

!

control-plane

!

voice-port 2/0

connection plar opx 290

!

voice-port 2/1

connection plar opx 291

!

voice-port 2/2

!

voice-port 2/3

!

voice-port 3/0

connection plar 190

!

voice-port 3/1

connection plar 191

!

voice-port 3/2

!

voice-port 3/3

!

dial-peer voice 180 pots

destination-pattern 180

port 2/0

!

dial-peer voice 181 pots

destination-pattern 181

port 2/1

!

dial-peer voice 190 voip

destination-pattern 19

session target ipv4:192.168.254.40

!

line con 0

logging synchronous

line aux 0

line vty 0 4

password xxx

logging synchronous

login

transport input telnet

!

end

sandman420 Fri, 02/06/2009 - 06:33

AND SITE 2:

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname SITE 2

!

boot-start-marker

boot-end-marker

!

enable secret XXX

!

no aaa new-model

voice-card 2

!

voice-card 3

!

ip cef

!

interface FastEthernet0/0

ip address 192.168.254.40 255.255.255.0

speed auto

!

no ip http server

no ip http secure-server

!

control-plane

!

voice-port 2/0

connection plar opx 280

!

voice-port 2/1

connection plar opx 281

!

voice-port 2/2

!

voice-port 2/3

!

voice-port 3/0

connection plar 180

!

voice-port 3/1

connection plar 181

!

voice-port 3/2

!

voice-port 3/3

!

dial-peer voice 190 pots

destination-pattern 190

port 2/0

!

dial-peer voice 191 pots

destination-pattern 191

port 2/1

!

dial-peer voice 180 voip

destination-pattern 18

session target ipv4:192.168.254.30

!

line con 0

logging synchronous

line aux 0

line vty 0 4

password xxx

logging synchronous

login

transport input telnet

!

end

Actions

This Discussion