Menu
What's new
By:
Filters Better Search

VPN Blocking SIP Trunk Keep Alive

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

M

Mike S

Regular Contributor
I have an Asus RT-AC88U router at my Mpls office and an RT-AC68U at my Naples office, both running Asus-Merlin Rel 384.17. The Naples Router has an OpenVPN Server Configured. The Mpls Router has an OpenVPN Client Connected to the Naples Router with Create NAT on Tunnel = NO and Inbound Firewall = Allow. The Firewalls on both routers are disabled.

Attached to the router LANs at each location I have a Grandstream UCM6204 IP-PBX systems with Peer SIP Trunks configured connecting the two UCM systems. Each UCM can successfully ping the other UCM.

When I first configure the Peer SIP Trunks on the UCM systems, the connections work fine. After a week or two, the trunks no longer work. When I do a network trace on each of the UCM systems, they are sending SIP Keep Alive packets to the remote UCM, but the remote UCM does not seem to see these packets. While I have this failure mode, each UCM can still ping the remote UCM.

I'm pulling my hair out trying to figure out why these SIP keep alive packets are being blocked. How can I debug this problem?
 
Why would you disable the firewalls on both routers? :eek:
 
So, you endanger your entire network (x2)?
 
Are the keep alives NAT keep alives of the empty UDP packet type that requires no response, or are they full SIP OPTIONS out of call packets expecting a 200 OK response?
I’d recommend using the latter.

You say you have NAT tunnel set to NO, are you referring to TAP vs TUN? Either way, which are you using?

When you say they are not being seen how are you testing this? PCAP trace on box PBXs? You can also install Entware on both routers and then tcpdump onto the routers so you can trace at every step where the packet disappears/is ignored.

I design and maintain custom VoIP networks for ISPs, the last of which ran over a mesh VPN between nodes, so if I can’t work this out I’ll... [emoji23]


Sent from my iPhone using Tapatalk
 
You must log in or register to reply here.

Similar threads

DanielCoffey
[AX86U] Half audio on incoming VoIP SIP calls, NAT mismatch?
2
Replies
27
Views
3K
DanielCoffey
DanielCoffey
T
Asus RT-AX86U and PS5 5GHz wifi not really alive when first putting into rest mode?
Replies
3
Views
468
thelateclacker
T
S
RP-AX58 VOIP Problem
Replies
5
Views
679
sluzza
S
Wishmaster1965
Solved OpenVPN Server Issue
Replies
5
Views
675
Wishmaster1965
Wishmaster1965
M
NAT over VPN?
Replies
1
Views
422
MKz71
M
Similar threads
Thread starter Title Forum Replies Date
S VPN blocking MMS text messages Asuswrt-Merlin 8
O Assigned IP address to the WAN interface via VPN director: no internet connection - why? Asuswrt-Merlin 1
A Asus Merlin 388.6_2 VPN-Director Asuswrt-Merlin 5
M VPN FUSION & VPN DIRECTOR Merlin Firmware Asuswrt-Merlin 34
B VPN + Diversion Asuswrt-Merlin 5
S VPN director and LAN traffic Asuswrt-Merlin 2
B Firewall lan - vpn? Asuswrt-Merlin 0
V Two VPN connections from home network at the same time -> problems Asuswrt-Merlin 6
J Correctly using VPN Director? Asuswrt-Merlin 2
L&LD Problem with VPN Director Asuswrt-Merlin 6

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 865 (members: 25, guests: 840)
Top