Cisco + GRE + pfsense + sipxecs
-
Hi,
I have a couple of polycom soundpoint 650 inside my 2 networks which are both behind pfsense.
My network looks like this:
SITE A SIPX –> PFSENSE --> CISCO --> |||| VIA GRE TUNNEL |||| <-- CISCO <-- PFSENSE <-- SIPX SITEB
I use Cisco IPSEC GRE Tunnel for this purpose.
I set the pfsense to Manual Outbound NAT rule generation (Advanced Outbound NAT (AON))
My NAT rules:
WAN 172.16.3.0/24 * * * * * YES (VLAN SUBNET)
WAN 172.16.1.0/24 * * * * * YES (PFSENSE/CISCO SUBNET)Create 3 firewall rules in pfSense (FOR WAN/VLAN):
* Action: Pass
* Interface: WAN
* Protocol: UDP
* Source: any
* Destination: WAN address
* Destination port range: 5080* Action: Pass
* Interface: WAN
* Protocol: TCP/UDP
* Source: any
* Destination: WAN address
* Destination port range: 5060* Action: Pass
* Interface: WAN
* Protocol: TCP/UDP
* Source: any
* Destination: WAN address
* Destination port range: 30000 – 31000I can connect via IPSEC GRE Tunnel and can route on each sites. I can ring the phones but if you pickup you can't hear voice from the user.
My questions are:
1. Could this be a firewall problem? Any other ports to open in order to establish the voice?
2. Is it required to pass gre protocol even if I have GRE tunnel established?
3. I can establish a call using xlite on each site but not on a hard phone.I also made an ACL in cisco to open 5060(UDP/TCP) but it's no use.
I will greatly appreciate any inputs here.
Thank you in advance.