I have got a requirement to configure Site-to-Site VPN with HQ from my branch office. The motive to accomplish this is to get the IP Phones up and running. The phones would connect to the CUCM which is located at HQ. I have my DSL link terminated on ATM interface of Cisco 877 router and I’ve got two public IP’s from the ISP one for my side and the other from the HQ. I’ve configured my side successfully and the link is up with internet accessible.
I’ve configured Site 2 site VPN and it works fine, but still the phones are not getting registered.
I am able to ping the local network I.e. 172.16.0.0 but not able to reach CUCM IP 172.16.100.X
Below are the details.
Br Local LAN network: 192.168.3.0
HQ Local LAN Network: 172.16.0.0
CUCM IP: 172.16.100.X
Voice Gateway IP: 172.16.100.X
Below are the devices which I’ve at Branch office
Cisco 877 Adsl Router
3 COM POE switch
Cisco 7911 IP phones.
Please find attached the running config of the router and network diagram for reference.
Kindly look into this and advice.
Thanks in Advance..
In wich kind of device is the vpn configured at HQ?
Are you able to ping the VG from Branch Office?
What is the dafault gateway of the CUCM?
Let me know
Thanks for the reply!!
There is 1900 series cisco router at HQ.
No, I am not able to ping the voice gateway..
and the default gateway of CUCM is VG.
Can you please post the config of 1900 router.
Check also the VG routing table which should be able to reach you branch through the 1900 HQ router.
Do you have a route for network 172.16.0.0 255.255.0.0 pointing to the ip of the other site (vpn site to site ?
Try the below access lists
On the top must me the deny
access-list 120 deny ip 192.168.3.0 0.0.0.255 172.16.0.0 0.0.255.255
access-list 120 permit ip 192.168.3.0 0.0.0.255 any
access-list 130 permit ip 192.168.3.0 0.0.0.255 172.16.0.0 0.0.255.255
What are results finally
Are you able to send you HQ router config and a show ip route of HQ VG.