In my office, I’ve got 2 routers - one router is a basic Fortigate Internet router (192.168.0.1), and the other router is a carrier supplied Cisco router (192.168.0.2) with a SIP trunk (100.100.100.100). The PBX has an IP of 192.168.0.10.
The Cisco router does not have Internet capabilities. When the PBX has a default gateway of the Cisco router, incoming and outgoing calls work fine but cannot do updates or voicemail to email because the Cisco router has no Internet. When I change the PBX default gateway to the Fortigate and set a static host route to get to the Cisco SIP trunk, ie. IP ROUTE 100.100.100.100 255.255.255.255 192.168.0.2, it picks up a call just fine but no audio. Any ideas? As a last resort, I might just have to leave the PBX default gateway pointing to the carrier’s Cisco router and ask them to set a static route for Internet that goes through the Fortigate.
It would seem unlikely that the SIP server (100.100.100.100) also handles media. You’d need to check the actual IP addresses that get negotiated within the SDP during call setup. My guess is they use separate servers for handling the media, so you would need an additional static route to direct media via your cisco router. See if you can find out the addresses of those media servers, or ask your carrier.
The SIP server is definitely capable of handling media also because like I mentioned, I can change the PBX default gateway back from the Fortigate 192.168.0.1 to point to the carrier’s Cisco router 192.168.0.2, and my entire office could make/receive calls all day long (for the past couple of months now) with no issues other than no Internet on the PBX. I’m beginning to suspect that the carrier’s Cisco/SIP server might have an ACL lock on the IP/MAC address of the PBX, and any other MAC addresses would be denied. Any other ideas?
I don’t see how changing the default route has any influence on the MAC addresses involved in communications, they are still the same. If it works with the default route set to the cisco router, but doesn’t work when the default route points to your internet router and you have a static route installed to have 100.100.100.100 routed to your cisco, this paints a pretty clear picture. There must be other traffic involved that does not use 100.100.100.100. This could be RTP traffic, or DNS queries that can only be successfully resolved using the cisco/your carrier’s DNS servers or something else. If you can find out what traffic causes the problem, there surely is a solution to the problem.
Use the setup that’s working (default route to cisco), then use tools like tcpdump/wireshark to see what traffic is not using 100.100.100.100.
SOLVED: I called up the carrier to confirm if I needed any other routes added or if there were any ACL blocks, and they said that the static route is correct and there are no other ACL blocks. They noticed that our Internet router’s MAC address was in two different places within their Cisco which is strange and shouldn’t be. This led us to believe that we might have internal networking issues. I suspected that the MAC tables within our switches might not be accurate or consistent. So I went ahead and rebooted all of our switches, and everything worked fine after that. Thank you for your assistance.