Problems over vpn


#1

Hi, I’m running Asterisk@Home on at my office with 4 extensions and very few problems. The problem i’m having is that in wanting to be able to use a soft phone while at home, i get the following error on the X ten softphone. “Login timed out! Contact network admin.”

I’m not running anything weird (that I know of).

SonicWALL Pro 3060 at the office (10 Mbit Burstable) on the 192.168.10.x subnet.
Asterisk server is 192.168.10.40.
The SonicWALL Pro 3060 is configured to connect to my home (Cable Modem) SonicWALL TZ 170 with a fairly basic DES & SHA box to box VPN. Home network is 192.168.23.0.

I would have assumed that since i’m running VPN, my softphone setup would be the same.

Am i missing something simple?

Thanks,

-Mike


#2

It sounds like possibly a routing problem. Can both ends ping each other?

Is the phone reporting its IP address correctly? I.e., i assume your system has at least two IP addresses - the LAN, the VPN, ani possibly the internet connection as well. Is the phone reporting the VPN interface address to asterisk?


#3

Yes, both ends can ping each other. I’m not quite sure if I understand the rest of your question though. When you ask if I have at least 2 ip addresses, are you talking about on the pc that I’m running the X-Ten on? There’s no VPN client running on the pc, as I use all hardware VPN to VPN connections, so all VPN routing is done on the firewalls. I don’t have any VPN traffic being filtered/blocked.

Is there a particualar log or test I can run to possibly get better info to post up here for troubleshooting purposes?

THANKS!

-Mike


#4

i was thinking, is there a conf file that I need to edit to tell the asterisk server what networks it can talk to, for example, currently my 192l168.10.x network is the local network while 192.168.23.x might be considered a remote network or untrusted network to the asterisk? I don’t know if this makes any sense, i’m just kind of talking outloud and maybe it sparks an idea or solution.

Thanks

-Mike


#5

Well…

What i don’t understand - and i’m not familiar with VPN hardware at all - is the routing of packets between your home network (192.168.23.0) and your office network (192.168.10.0).

I can only assume, from what you say, that your machine at home is set up with a static route to the 192.168.23.0 network and the asterisk machine is set up with a static router to the 192.168.10.0 network. If this is the case, then it should work without any problems. If it’s not the case, i can only assume there is some network address translation (NAT) happening in the VPN box. If this is the case, then that would explain your problem - but i find it hard to believe that it would work that way!

What you haven’t explained - that you need to explain - is how the bridging between the two networks works.

Yes, there is a place to put the local network address - sip.conf. However, as far as i can tell, it’s got nothing to do with communication with clients.