One-way audio - Draytek 2830 L2L VPN

#1 (**permalink**) 09-11-2011, 01:10 PM

Hmm.

I have a pair of Draytek 2820 routers performing VPN for a remote
extension off an Ansterisk PBX. All working OK.

Now, I have a pair of 2830 routers. Attempting to do the same at a
different site....get one way audio (Remote phone can hear PBX end)

I have also tried setting up a VPN between one 2830 and one of my
working 2820 sites and get the same one-way audio problem.

Any suggestions?

#2 (**permalink**) 09-11-2011, 07:37 PM

In article <mn.5b527db9be2079ab.88534@blueyonder.invalid>, Jono
<nothanks@blueyonder.invalid> scribeth thus
>Hmm.
>
>I have a pair of Draytek 2820 routers performing VPN for a remote
>extension off an Ansterisk PBX. All working OK.
>
>Now, I have a pair of 2830 routers. Attempting to do the same at a
>different site....get one way audio (Remote phone can hear PBX end)
>
>I have also tried setting up a VPN between one 2830 and one of my
>working 2820 sites and get the same one-way audio problem.
>
>Any suggestions?
>
>

You have got the VPN set up as it ought be, i.e. can you remote in from
each end and use the diagnostics to ping the other end?..

Otherwise try Draytek UK support there're usually quite helpful...
--
Tony Sayer

#3 (**permalink**) 09-12-2011, 06:14 AM

It happens that tony sayer formulated :
> In article <mn.5b527db9be2079ab.88534@blueyonder.invalid>, Jono
> <nothanks@blueyonder.invalid> scribeth thus
>> Hmm.
>>
>> I have a pair of Draytek 2820 routers performing VPN for a remote
>> extension off an Ansterisk PBX. All working OK.
>>
>> Now, I have a pair of 2830 routers. Attempting to do the same at a
>> different site....get one way audio (Remote phone can hear PBX end)
>>
>> I have also tried setting up a VPN between one 2830 and one of my
>> working 2820 sites and get the same one-way audio problem.
>>
>> Any suggestions?
>>
>>
>
> You have got the VPN set up as it ought be, i.e. can you remote in from
> each end and use the diagnostics to ping the other end?..
>

Everything's routing....except one audio path!

> Otherwise try Draytek UK support there're usually quite helpful...

I fired off a support "contact us" form to them.

#4 (**permalink**) 09-12-2011, 01:16 PM

On 12/09/2011 07:14, Jono wrote:

>> Otherwise try Draytek UK support there're usually quite helpful...
>
> I fired off a support "contact us" form to them.

I'd be interested in any news on this.
When I had 2 x 2910 I could ring over vpn no problem but having changed
one end to 2920 (previous one died) I can call via private IP add. but
also no audio on connection.

8¬O

--
http://www.GymRatZ.co.uk - Fitness+Gym Equipment.
http://www.bodysolid-gym-equipment.co.uk
http://www.trade-price-supplements.co.uk
http://www.water-rower.co.uk

#5 (**permalink**) 09-12-2011, 09:03 PM

In article <j4l0ol$fck$1@dont-email.me>, www.GymRatZ.co.uk <0845.86.86.8
88@GymRatZ.Gym.Equipment> scribeth thus
>On 12/09/2011 07:14, Jono wrote:
>
>>> Otherwise try Draytek UK support there're usually quite helpful...
>>
>> I fired off a support "contact us" form to them.
>
>I'd be interested in any news on this.
>When I had 2 x 2910 I could ring over vpn no problem but having changed
>one end to 2920 (previous one died) I can call via private IP add. but
>also no audio on connection.
>
>8¬O
>

JOOI I had to do a firmware upgrade today on some bog standard 2820
routers . Looking at the trail of previous F/W updates and changes there
was a Very long one with VoIP alterations. I don't know if thats having
anything to do with it at all?...

--
Tony Sayer

#6 (**permalink**) 09-13-2011, 03:24 PM

"Jono" <nothanks@blueyonder.invalid> wrote in message
news:mn.5b527db9be2079ab.88534@blueyonder.invalid. ..
> Hmm.
>
> I have a pair of Draytek 2820 routers performing VPN for a remote
> extension off an Ansterisk PBX. All working OK.
>
> Now, I have a pair of 2830 routers. Attempting to do the same at a
> different site....get one way audio (Remote phone can hear PBX end)
>
> I have also tried setting up a VPN between one 2830 and one of my working
> 2820 sites and get the same one-way audio problem.
>
> Any suggestions?
>
>

We recently installed a 2830 - Voip worked OK in/out and audio both ways via
wired phones and via wi-fi. Connectivity was maintained when we
disconnected the cable or DSL - still to test 3G as back up. I would
suspect your VPN packaging is blocking traffic one way for some reason.

#7 (**permalink**) 09-13-2011, 06:29 PM

www.GymRatZ.co.uk wrote on 12/09/2011 :
> On 12/09/2011 07:14, Jono wrote:
>
>>> Otherwise try Draytek UK support there're usually quite helpful...
>>
>> I fired off a support "contact us" form to them.
>
> I'd be interested in any news on this.
> When I had 2 x 2910 I could ring over vpn no problem but having changed
> one end to 2920 (previous one died) I can call via private IP add. but
> also no audio on connection.
>
> 8¬O

Got to the bottom of it, after numerous back & forth emails with
Draytek.

This particular PBX (NEC SV8100) has a physical Ethernet port for VoIP.
Within the VoIP card, there are VoIP "Resources". For each resource (2
in this case), there is an additional IP address required on the LAN. I
found I couldn't ping these IPs from the router, or from the remote
end...but could from a local machine.

So, with SYSLOG running, I could see bucket loads of firewall errors
like this:

134 2011-09-12 17:56:37 Sep 12 17:56:33 HO Arp address mismatch -
Ethernet source address doesn't match ARP sender address

So, the suggestion from Draytek was, from a telnet prompt logged in to
the router, issue the following:

> ip arp accept 1

This will return: Accept illegal ARP REPLY packets.

Subsequently issuing the following should return an indication that the
status is now enabled:

> ip arp accept status
current status: enable

Without doing this, neither router will be able to ping the IP
addresses on the VoIP resources card, nor will any remote machines be
able to ping these two addresses over the VPN...and one-way audio WILL
be experienced, although each router WILL be able to ping the Physical
card itself.

Incidentally, in the 2820 model, this is set to ENABLED by default. In
the 2830, it is DISABLED by default.

#8 (**permalink**) 09-14-2011, 07:02 PM

Meanwhile, at the uk.telecom.voip Job Justification Hearings, Jono chose the
tried and tested strategy of:

> This particular PBX (NEC SV8100) has a physical Ethernet port for VoIP.
> Within the VoIP card, there are VoIP "Resources". For each resource (2
> in this case), there is an additional IP address required on the LAN. I
> found I couldn't ping these IPs from the router, or from the remote
> end...but could from a local machine.

I've seen this before with NEC. Two LAN interfaces, media goes out of one
LAN, signalling out the other. If you're trying to SIP with the internet,
then confused your NAT will be!

--
<http://ale.cx/> (AIM:troffasky) (UnSoEsNpEaTm@ale.cx)
20:00:51 up 4 days, 1:38, 4 users, load average: 0.01, 0.04, 0.05
"People believe any quote they read on the internet
if it fits their preconceived notions." - Martin Luther King