Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Traffic Shaping Alcatel PBX VoIP across OpenVPN

    Scheduled Pinned Locked Moved Traffic Shaping
    4 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Jakeyg
      last edited by

      Hi there

      I have 3 sites connected via OpenVPN. The main site is 192.168.0.* and we have an old alcatel PBX on it (192.168.0.99).  I have two remote IP phones that connect to the pbx via OpenVPN at 192.168.10.50 and 192.168.30.38.  As we only have an ADSL connection at the main site (12Mbps/.8Mbps) when users start to remote in or watch cameras etc the upload bandwidth gets chewed up very quickly.  Despite having setup QoS with the wizard when i look at the queues the qVoIP queue doesnt ever shows its being used even though calls are being made.  Obviously as soon as the upload is being heavily used the calls drop packets or they sound like they are underwater.  I dont know the specifics of the alcatel system but its supposed to run on port 5059 (i think standard VoIP runs on 5060) so is that why it doesnt show in the queues? Also ive been using wireshark to see whats going on and when a call is made from an internal number it sets up on port 5059 to the pbx and then the pbx will hand off so the connection becomes IP to IP with no PBX middle man.  I can see that often src or destination port is 3200 when this occurs.  Im a massive newb so any help would be appreciated but i just really need to get the call quality better than what it is.

      On another note, though this probably belongs in multiWAN I have also tried to add a 4g dongle as another WAN interface and send all traffic that goes to those remote IPphones through the dongle instead, but i just cant seem to figure out the rules as none of the traffic goes through the dongle even though i change the default gateway to that wan.  Ill probably post in more detail about that in the other forum

      Cheers

      openvpn.png
      openvpn.png_thumb
      4gvpn.png
      4gvpn.png_thumb

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        Your WAN port doesn't see VoIP traffic, it sees OpenVPN traffic. Prioritize that instead.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • J
          Jakeyg
          last edited by

          Thank you

          that makes a lot of sense.  The problem is i have no idea how to do that and there is no option for openvpn in the wizard just pptp and ipsec.  can you point me in the right direction?

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            Depends on whether you're shaping on the OpenVPN client or the server.

            If the server, set the queue on the firewall rule that passes OpenVPN traffic into the firewall.

            If on the client set a floating match rule on WAN out for the OpenVPN client (UDP/1194?) and set the queues there.

            There is not anything in the wizard for this. Use the wizard to establish basic queues and manually tweak from there.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.