atcomsystems.ca/forum Forums TDM Business Telephone Systems Samsung Telephones & Systems Loss of audio when changing to private with public

That makes sense.

If I could have this phone on a VPN, I would.

This is for an accounting firm and sometimes they will set up at a client's office for a week or more. They would like to be able to take a phone with them and connect back to the main office, so there would not be a VPN for that connection.

How would I best communicate to the IT folks what the problem is so they can address it?

-Will

Perhaps they can Vlan the phone out to a different address and subnet not going through the VPN... That way it will pick up a new address and just use the public internet on site versus having the traffic travel through the vpn. Or if they are kinda tech savy, teach them how to go in and change the server address for when they move to a different location.

Not sure I'm clear on what you are suggesting Biztel.

If we could put this phone on a VPN, there would be no problem, we could use the internal address. But using a phone on a remote site that is not VPNd back to the main is the issue.

All the phones that are VPNd are addressed to the local address of the KSU and work fine.

It was a different solution that possibly wouldn't apply. I would try nameless suggestion of forwarding the ports for MPS/RTG to the cards. If you hadn't already done those.

I am curious, what kind of Firewall are they using at the site of the system?

Ah, yes. This site is a 7100, so only one IP to deal with.

The firewall they are using a Fortiwifi30D.

Cheers,

Only if you're using the onboard MGI. If you have a OAS card, then you will have 2 addresses to deal with. The internal one for the MP and the one for the OAS card.

I do appreciate that having all the phones inside the VPN would be preferable. The two remote offices are configured like that and work pretty well.


What I am hoping is to see if we could find a way to have a phone from outside the VPN connect and function.

So if a phone is coming from the public internet to the (.1.xxx) network that is part of the VPN, something in the translation replaces the public IP of the phone with the local IP of the router.

This results from what I can surmise in the phone system not being able to send back any voice traffic.

If that is a loop, what would be the best way to relay that info to the IT folks?

Naturally if a phone is connecting to a system using the public IP then it will route that way. Regardless if the 2 networks are using a VPN tunnel to talk to each other on a local subnet. Therefore if the phones will connect to 10.x.x.x as a public IP then the system will look for traffic forwarded from that. Doesn't matter if there is a VPN or not.

It seems that maybe the MGI ports are not being forwarded correctly if the audio isn't passing. Or the public IP set in your OAS card isn't the same matching the one for the MP10a. I would double check these settings. Also, what are your Port ranges for the OAS card and the ones for the MP10a as far as MGI goes?

You'll need to put the vpn offices address ranges (x.x.x.255) into mmc838.
That way they will still work over the vpn when you enable private with public.
This will have no effect on the public registered phones as they will report the public ip of their internet connection to the system