No sound VOIP using VPN problem

Unanswered Question
Nov 24th, 2003
User Badges:


I am trying to get a remote user working with an ATA 186 through a sonicwall VPN. I have the ATA configured to connect to the Call Manager and can make internal calls. I cannot hear or send voice when I make or receive external calls. I have tried to get my vendor to fix this, but they have been unable to complete this task. Hopefully someone here can steer me in the right direction.

I have created a page that details my layout and included the programming of my PRI router and an XL3500 that connects the Call Manager, Unity, PRI and internet connection together.

The VPN is sonicwall. I have had this working in the past, but we recently migrated to our own Unity and Call Manager from using a shared system. Now all I get is internal sound.

The page is

Thank you in advance for any assistance,

Jamie Jensen

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
c-charlebois Tue, 11/25/2003 - 08:16
User Badges:

If I had to make a bet on the problem, it would be on the Sonicwall not having a route for the loopback interface of the voice gateway. Loopback addresses can be very useful, when implemented with a routing protocol that can advertise their presence. For what you have shown, there is no routing protocol in use, and so you have to rely on statis routing. This is fine, really. In fact, the Sonicwalls I have worked with have only supported RIP and that was an upgrade.

Although, I would think that a lack of a static route would only cause a one-way audio issue, not a complete loss of audio. The fact that you can talk to internal phones indicates that the Sonicwall is allowing the RTP packets through, but for whatever reason, RTP packets to and from the gateway, or more specifically, the loopback interface, are getting blocked or lost.

I would try pinging the loopback address from the remote network first. If that doesn't work, then you know it's a connectivity issue and can approach it from either a incomplete routing or over-tighted security angle. Also, try an extended ping from the router. Just type ping on the Voice Gateway and choose the extended commands option. This will allow you to specify the source address. If you set the loopback address as the source address, you can find out if there is connectivity in that direction.

Good luck.

jensenjl Tue, 11/25/2003 - 18:56
User Badges:


I want to thank you for pointing me in the right direction. I added the scope to my firewall's static route list and added the scope to the VPN settings on the remote firewall. I was then able to ping the loopback IP. Then I tested the outbound calling and was able to hear both sides. The same is true for inbound calls.

Now I just wish the consulting company would have been as competent as you were. Although in their defense it sometimes takes a different set of eyes to look at a problem to see the solution, you get in so that you can't see the forest through the trees so to speak.

Thanks again,

Jamie Jensen


This Discussion