smeyer
January 29, 2014, 4:42pm
1
So I have an IPSec tunnel between two sites. For just everything non SIP/RTP it work perfectly. Whenever I use a device such as a VVX300 by polycom, or even some smartphones, it goes out the WAN and not the tunnel.
On my firewall I see the SIP and RTP traffic coming in through WAN and not enc0.
externalIP>IntenalIP
this should be:
InternalIP>InternalIP
When I use wireshark on the phone side, I do not see any traffic from the phones at all besides the WUI.
If I call an outside line, it drops after 5 seconds. I still have no idea where the traffic goes.
Please help… I am in WAYYYYY over my head.
smeyer
January 29, 2014, 4:51pm
2
Going a bit further:
WAN.WAN.WAN.WAN = Server WAN which is a 1:1 to the Server IP
003046.925|sip |0|00|<<<Packet Received
003046.925|sip |0|00| OPTIONS sip:200@192.168.100.200:56052 SIP/2.0
003046.925|sip |0|00| Via: SIP/2.0/UDP WAN.WAN.WAN.WAN:5060;branch=z9hG4bK5767a0c8;rport
003046.925|sip |0|00| Max-Forwards: 70
003046.925|sip |0|00| From: "Unknown" <sip:Unknown@WAN.WAN.WAN.WAN>;tag=as03fc9f97
003046.925|sip |0|00| To: <sip:200@192.168.100.200:56052>
003046.925|sip |0|00| Contact: <sip:Unknown@WAN.WAN.WAN.WAN:5060>
003046.925|sip |0|00| Call-ID: 03e168c7093bb4f356a8837800167894@WAN.WAN.WAN.WAN:5060
003046.925|sip |0|00| CSeq: 102 OPTIONS
003046.925|sip |0|00| User-Agent: -2.11.0beta2(11.7.0)
003046.925|sip |0|00| Date: Wed, 29 Jan 2014 16:46:58 GMT
003046.925|sip |0|00| Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH
003046.925|sip |0|00| Supported: replaces, timer
003046.925|sip |0|00| Content-Length: 0
003046.925|sip |0|00|
003046.928|sip |0|00|>>> Data Send to WAN.WAN.WAN.WAN
003046.928|sip |0|00| SIP/2.0 200 OK
003046.928|sip |0|00| Via: SIP/2.0/UDP WAN.WAN.WAN.WAN:5060;branch=z9hG4bK5767a0c8;rport
003046.928|sip |0|00| From: "Unknown" <sip:Unknown@WAN.WAN.WAN.WAN>;tag=as03fc9f97
003046.928|sip |0|00| To: "200" <sip:200@192.168.100.200:56052>;tag=5D1E65AD-4C8EDE40
003046.928|sip |0|00| CSeq: 102 OPTIONS
003046.928|sip |0|00| Call-ID: 03e168c7093bb4f356a8837800167894@WAN.WAN.WAN.WAN:5060
003046.928|sip |0|00| Contact: <sip:200@192.168.100.200:56052>
003046.928|sip |0|00| Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, INFO, MESSAGE, SUBSCRIBE, NOTIFY, PRACK, UPDATE, REFER
003046.928|sip |0|00| Supported: 100rel,replaces,100rel,timer,replaces,norefersub
003046.928|sip |0|00| User-Agent: PolycomVVX-VVX_300-UA/4.1.4.7430
003046.928|sip |0|00| Accept-Language: en
003046.928|sip |0|00| Accept: application/sdp,text/plain,message/sipfrag,application/dialog-info+xml
003046.928|sip |0|00| Accept-Encoding: identity
003046.928|sip |0|00| Content-Length: 0
003046.928|sip |0|00|
003047.925|sip |0|00|<<<Packet Received
003047.925|sip |0|00| OPTIONS sip:200@192.168.100.200:56052 SIP/2.0
003047.925|sip |0|00| Via: SIP/2.0/UDP WAN.WAN.WAN.WAN:5060;branch=z9hG4bK5767a0c8;rport
003047.925|sip |0|00| Max-Forwards: 70
003047.925|sip |0|00| From: "Unknown" <sip:Unknown@WAN.WAN.WAN.WAN>;tag=as03fc9f97
003047.925|sip |0|00| To: <sip:200@192.168.100.200:56052>
003047.925|sip |0|00| Contact: <sip:Unknown@WAN.WAN.WAN.WAN:5060>
003047.925|sip |0|00| Call-ID: 03e168c7093bb4f356a8837800167894@WAN.WAN.WAN.WAN:5060
003047.925|sip |0|00| CSeq: 102 OPTIONS
003047.925|sip |0|00| User-Agent: -2.11.0beta2(11.7.0)
003047.925|sip |0|00| Date: Wed, 29 Jan 2014 16:46:58 GMT
003047.925|sip |0|00| Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH
003047.925|sip |0|00| Supported: replaces, timer
003047.925|sip |0|00| Content-Length: 0
smeyer
January 29, 2014, 4:56pm
3
I have no idea where it is getting the WAN.WAN.WAN.WAN IP. It is not programmed into the phones anywhere.
smeyer
January 29, 2014, 5:37pm
4
DERP Figured it out.
I needed to add the remote subnets to the SIP conf.
Thanks documentation.