Good afternoon all,
I’ve got a bit of an odd one today. I’ve got a /30 and a /28 assigned to a Cisco IOS device with a Meraki connected behind it. There is an IPSec tunnel between the Cisco IOS device and another Cisco IOS device (because Meraki sucks with playing nice with others). There is a connection to the internal LAN coming off of the first Cisco device which dumps the traffic from the satellite office directly onto the HQ default VLAN (there is only 1 – I’ll change that, eventually).
There is a route map in place on the external Cisco IOS router (with the /30 and /28) that redirects all VPN traffic to the Meraki to be routed/filtered/etc.
Everything works perfectly. Or so I thought…
The satellite office’s internet is a full tunnel back to HQ. The satellite office has (2) IP phones. I (at HQ) can ping everything on their site, everything on their site can ping me. The SIP phones however cannot register back to HQ, despite being able hit the server. Based on the topology, I’m not sure how this makes sense – there shouldn’t be any type of filtering being applied here… strictly just routing. If the devices can reach the registrar… how can they be failing?
Any thoughts as to what to look for?
Thank-you!
No comments:
Post a Comment