Hi folks, I was hoping somebody might be able to shine some light on this little issue which is driving me NUTS.
We have a customer setup where they have remote workers who work from home and have their PC, SIP phone handset, and printer.
We have a basic PPTP VPN from their RB433 on site to an RB750G at the head office.
The VPN is only there for the SIP traffic to ensure that the phones are secure and not connecting directly over the NET.
We trust the end user public IP to connect to the HO router on GRE and TCP/1723 to allow the VPN to work OK.
A typical setup would be, for example: the end user site might be 192.168.0.x/24, the phone will be a DHCP address in there somewhere, and the PBX will be on 192.168.100.x, for example, with a static IP.
In the HO router we will have a static route for the 192.168.0.x subnet going via the remote IP for the VPN tunnel.
On the End user router we will have a static route for the 192.168.100.x subnet going via the HO end of the VPN tunnel.
Traffic flows, pings good, everything works fine.
So let's say the PBX IP is 192.168.100.1; when we set up the phone to use 192.168.100.1 as its SIP server, it registers and looks fine.
When we make a call however, the UDP stream is going from site to site via the public addresses, not through the VPN.
No matter what I have tried I can't get them to talk simply private IP to private IP.
On the public interface of each router there is a simple masquerade rule which just says for anything going out this interface masquerade it, but the traffic shouldn't be getting to that point because it should disappear off the VPN.
There must be something stupid I am missing here with UDP. Is anybody able to shine some light on this for me, please?
We are using ROS 5.19 on each end user location and ROS 5.4 at the HO router.
Thanks in advance