How to connect a phone from a different subnet

daniel_fontaine · June 29, 2017, 11:36am

Hello Forum

I have 2 offices in 2 different cities with a Router to Router VPN already in place and working.

The main office host the FreePBX server (PBX firmware 10.13.66.20). Server IP is 192.168.2.245, 255.255.255.0
all phones are connected and working from that office
The remote office I want to connect 4 phones… - 192.168.20.xx, 255.255.255.0.
Firewall is activate from the PBX
Firewall/main/interface: 192.168.2.245/24 set as internet (default firewall)
Firewall/main/networks: I created a rule 192.168.20.0/24 = trusted
I have created an entry in EPM for one of the remote phone and it does not register.
From the PBX (192.168.2.245), from the sh interface, I can ping the phone (192.168.20.238)
In the SH interface, when I do asterisk -rvvvvvvvvvvvvvv and I try manually from the phone to register to the PBX… there is no messages
Phone is Grandstream GXP2140 with the latest firmware.

Please help

Tks

Dan

arielgrin · June 29, 2017, 12:02pm

Can you ping the other way round, that is from the 192.168.20.x subnet to the FreePBX Server?

danielf · June 29, 2017, 12:12pm

Hello @daniel_fontaine,

Make sure that you add the remote networks to your sip nat local networks (192.168.20.0/255.255.255.0).
And of course, verify the connectivity to the PBX from the remote side as @arielgrin suggested.

Thank you,

Daniel Friedman
Trixton LTD.

daniel_fontaine · July 24, 2017, 6:57pm

I can ping from 192.168.20.x the FreePBX server, no problem
I added 192.168.20.0/24 in SIP Nat local as suggested by Dan Friedman…
Still not working.

In EPM, if I do a network scan of the 192.168.20.0/24, i have nothing, Even if i have 5 phones availabe and connected on the 192.168.20.xx network.

Dan

danielf · July 25, 2017, 11:50am

hello @daniel_fontaine,

Do you use the Freepbx firewall? or do you have another set of iptables rules on your pbx server?

Thank you,

Daniel Friedman
Trixton LTD.

daniel_fontaine · July 25, 2017, 12:01pm

I am using Freepbx Firewall… and I have created a rule in the freepbx firewall to accept communication from 192.168.20.238 (one of our phone to test)

danielf · July 25, 2017, 12:46pm

Hello @daniel_fontaine,

Can you disable the Freepbx firewall and check your connectivity again?
You need to eliminate all the blocking factors.

Thank you,

Daniel Friedman
Trixton LTD.

arielgrin · July 25, 2017, 11:15pm

In general terms, you must permit each pbx to reach the other pbx both in the firewall and in the route table. In pbx A firewall add the network of pbx B and viceversa. Also in route table of pbx A add the network of pbx B and viceversa.

daniel_fontaine · July 26, 2017, 1:09pm

I added to the route table

route add -net 192.168.20.0 netmask 255.255.255.0 dev eth0

did not worked

I even did a direct route…

route add -host 192.168.20.238 gw 192.168.2.1 dev eth0

did not worked.

arielgrin · July 27, 2017, 1:05am

Assuming you are using the correct command that is relevant to your network setup, there is something interfering with the network communication. Can you try disabling the firewall temporarily to rule that out?