He;p : VOIP connection between two CME over Internet connection
mnour.tamer
Member Posts: 5 ■□□□□□□□□□
Hello ,
We have Different Site with almost exact Configuration for Cisco VOIP using a CME 2911 Router with VIC-4FXO Card installed .
we have 4 PSTN Line for all sites .
my Question is that all sites fore the time being are can be reached by using the PSTN Network . Since we have high speed internet connection in each site , I am looking to get this phone calls between sites to be as internal extension like 1xxx to 2xxx and so on .
to sum up we multiple sites with high speed internet connection " static IP address , no VPN connection between them ) . I have already tried with the commands that usually we should put but i ma still having an issue
when ever i called the other site " any phone extension " there is nothing happening after i dial before i get a busy tone .
please Help
We have Different Site with almost exact Configuration for Cisco VOIP using a CME 2911 Router with VIC-4FXO Card installed .
we have 4 PSTN Line for all sites .
my Question is that all sites fore the time being are can be reached by using the PSTN Network . Since we have high speed internet connection in each site , I am looking to get this phone calls between sites to be as internal extension like 1xxx to 2xxx and so on .
to sum up we multiple sites with high speed internet connection " static IP address , no VPN connection between them ) . I have already tried with the commands that usually we should put but i ma still having an issue
when ever i called the other site " any phone extension " there is nothing happening after i dial before i get a busy tone .
please Help
Comments
-
negru_tudor
Member Posts: 473 ■■■□□□□□□□
Some brief advice for your problem:
1) No VPN/plain tunnel between the sites => failed calls (NAT will mess up the RTP stream maps)
2) Dialing a number with nothing happening means that your signaling isn't getting where it should how it should; make sure you're using similar signaling protocols (ex. only H323 or SIP) on your dial peers
A brief example of 2 routers with a VoIP trunk between them :
Router1(Config)#interface loopback1
Router1(Config-interface)#ip address <ip address of Router1>
Router1(Config-interface)#exit
Router1(Config)#voice service voip
Router1(Config-voi-serv)#allow-connections sip to sip
Router1(Config-voi-serv)#media flow-through
Router1(Config-voi-serv)#sip
Router1(Config-serv-sip)#bind control source-interface Loopback1
Router1(Config-serv-sip)#bind media source-interface Loopback1
Router1(Config-serv-sip)#end
Router1#config t
Router1(Config)# dial-peer voice 2 voip
Router1(Config-dial-peer)#destination-pattern 2...
Router1(Config-dial-peer)#session protocol sipv2
Router1(Config-dial-peer)#session-target ipv4:<ip address of Router2>
Router2(Config)#interface loopback2
Router2(Config-interface)#ip address <ip address of Router2>
Router2(Config-interface)#exit
Router2(Config)#voice service voip
Router2(Config-voi-serv)#allow-connections sip to sip
Router2(Config-voi-serv)#media flow-through
Router2(Config-voi-serv)#sip
Router2(Config-serv-sip)#bind control source-interface Loopback2
Router2(Config-serv-sip)#bind media source-interface Loopback2
Router2(Config-serv-sip)#end
Router2#config t
Router2(Config)# dial-peer voice 1 voip
Router2(Config-dial-peer)#destination-pattern 1...
Router2(Config-dial-peer)#session protocol sipv2
Router2(Config-dial peer)#session-target ipv4:<ip address of Router1>
Router2(Config-dial peer)#end
This should get your routers talking assuming you've a VPN or simple tunnel between them. If you don't know how to do a VPN, just try a plain site-to-site tunnel though take caution as your voice traffic can be easily intercepted and analyzed if no security is in place. More details here: Configuring Point-to-Point GRE VPN Tunnels - Unprotected GRE & Protected GRE over IPSec Tunnels
EDIT: If you have CUBE (Cisco Unified Border Element) features enabled on your IOS then you might be able to avoid using a VPN if you add the lines I've highlighted with Bold + Italic fonts in the "voice service voip" section. However, you might need to get your routers to use the interface you have the public IP assigned to as the "source-interface" for media and control traffic. Could take a bit of tinkering to get right but it could work...voice traffic would still be sent in clear though; this would only alleviate the need for a VPN.
Good luck.2017-2018 goals:
[X] CIPTV2 300-075
[ ] SIP School SSCA
[X] CCNP Switch 300-115 [X] CCNP Route 300-101 [X] CCNP Tshoot 300-135
[ ] LPIC1-101 [ ] LPIC1-102 (wishful thinking) -
mnour.tamer
Member Posts: 5 ■□□□□□□□□□
Thanks for your great answer ,
so if I understand correctly , I should have a mechanism to build a private connection between two sites " VPN or any tunnel connection like GRE ) even I have a real static IP address . -
negru_tudor
Member Posts: 473 ■■■□□□□□□□
mnour.tamer wrote: »Thanks for your great answer ,
so if I understand correctly , I should have a mechanism to build a private connection between two sites " VPN or any tunnel connection like GRE ) even I have a real static IP address .
Sorry but I don't understand what you mean...you MUST have a STATIC PUBLIC IP to establish a VPN or GRE tunnel between two peering sites; this is also necessary if you decide to not build a tunnel and just try with the "media flow-through" option.2017-2018 goals:
[X] CIPTV2 300-075
[ ] SIP School SSCA
[X] CCNP Switch 300-115 [X] CCNP Route 300-101 [X] CCNP Tshoot 300-135
[ ] LPIC1-101 [ ] LPIC1-102 (wishful thinking) -
mnour.tamer
Member Posts: 5 ■□□□□□□□□□
Thanks , now I got exactly what you mean .
I will try it and let you know with the result -
mnour.tamer
Member Posts: 5 ■□□□□□□□□□
Before I test any thing , I have something to say , I got some part of the configuration here with my comments
ip dhcp pool Voice
network 10.8.2.0 255.255.255.0
option 150 ip 10.8.2.2 /// loopback interface IP address
default-router 10.8.2.2 /// loopback interface IP address - this one was default-router 10.8.2.1 & there was nothing on earth with this IP address , in that case after changing , should I reset phone to have the new gateway
voice service voip
allow-connections sip to sip
sip
bind control source-interface Loopback0
bind media source-interface Loopback0
registrar server expires max 3600 min 600
interface Loopback0
ip address 10.8.2.2 255.255.255.0
h323-gateway voip interface
h323-gateway voip bind srcaddr 10.8.2.2
interface GigabitEthernet0/0.102
description VOICE
encapsulation dot1Q 102
ip unnumbered Loopback0
interface GigabitEthernet0/1
description Internet
ip address 216.x.y.z 255.255.255.0 /// Public Ip address
IP NAT outside
ip nat inside source list 1 interface GigabitEthernet0/1 overload
access-list 1 remark CCP_ACL Category=2 ///// no NAT has been added to the Voice subnet " should I add one ? & add Ip nat inside under the interface GigabitEthernet0/0.102
access-list 1 permit 10.8.0.0 0.0.0.255
access-list 1 permit 10.8.30.0 0.0.0.255
at the end , I should add media flow-through command
for the session target is the public IP address of the other router
am I right ?
-
negru_tudor
Member Posts: 473 ■■■□□□□□□□
Hi there.
Ok, based on what you're asking:
- I see you don't intend to use VPN/tunnels
- You do not need NAT for voice if you use the "media flow through" command
- You can add the "media flow-through" command under the dial-peer configuration as well
- Yes, you will need to point Router1's "session target ipv4:" section to the Public IP of Router2. How would it know / be able to reach the internal ones?
- You might need to change the bind-control & bind-media to use the public IP address (Gigabit 0/0); test it first and then adjust if needed
- Yes, you will need to reset the phones if you make changes to the DHCP pools or IP subnets
- a tunnel would have made things simpler I think but you might get it working this way2017-2018 goals:
[X] CIPTV2 300-075
[ ] SIP School SSCA
[X] CCNP Switch 300-115 [X] CCNP Route 300-101 [X] CCNP Tshoot 300-135
[ ] LPIC1-101 [ ] LPIC1-102 (wishful thinking)
