PDA

View Full Version : NGX R65 SecuRemote issue with Alcatel VoIP



SonofThor
2009-03-03, 12:53
Hi,

We're trying to get Alcatel IP PIMPhony to connect to our OMNIPBX over a VPN setup consisting of a remote client using SecuRemote R60 and a Splat box running NGX R65/VPN-1 UTM.

The Alcatel software initiates a HTTP connection to the phone system over the VPN and this works fine. It then switches to TFTP and tries to download a config. file and then fails to connect to the phone system (bombs out with an Alcatel-specific error message). Wireshark reveals that when UDP packets are sent to the phone system, the reply appears to be masked behind the external IP of the firewall, rather than the LAN IP of the phone system itself - this appears to cause the process to fail as the PIMPhony software then tries to connect to the external IP of the firewall.

Any help with this would be much appreciated!

Cheers

Son of Thor

SonofThor
2009-03-04, 12:21
The tracker reveals that the TFTP packets are hitting the external interface of the firewall and are being dropped by the stealth rule. The Alcatel PIMPhony software is configured to use the LAN IP of the Alcatel and this works for TCP traffic.

Cheers

Son of Thor

lammbo
2009-03-04, 16:15
Are you using office mode? If so, is the default gateway in your IP scope? I know what I'm asking may sound strange, but I've seen some strangeness with Cisco's softphone in similar circumstances (long ago).

When we started using a real DHCP server for our IP pool and setting a default gateway in the scope properties, the issue was resolved.