Office Site A - UCM6202 - GXP2170 - Sonicwall TZ600
Office Site B - no UCM - GXP2170 - Shared Sonicwall TZ600
Site A - UCM6202 functions 100% with local GXP2170 and makes outbound and receives inbound calls.
Site A - can register softphones to UCM or directly to SIP provider
Site B - GXP 2170 can not register with site A UCM and can not register directly with the sip provider over the current LAN to WAN settings.
Site B - softphones can register with SIP provider using WLAN
Site B - shares the TZ600 with another client that has a working Grandstream UCM and phones
Being new to VoIP PBX’s I did not want to risk messing up the shared clients VoIP system by making changes to the SonicWall to accommodate our remote extension. Their Grandstream UCM works 100% and they are an active busy business that I do not want to chance bringing down.
My solution was to create a site to site VPN with NAT.
Site A and Site B have overlapping LAN IP ranges adding to the complexity a little.
The VPN tunnel works and I can ping both directions site A to B and site B to A.
Site A 192.168.8.x is translated to 172.16.1.x and Site B 192.168.8.x is translated to 172.16.2.x
Site B now registers with the UCM at Site A but neither site can make a call now. I broke the system
The packet captures indicate that Site B is attempting to register SIP calls and gets an error 401 Unauthorized from our UCM
The packet captures from Site A indicate error 401 Unauthorized from our GXP2170 to our UMC and we can not make calls.
I get lost in the packet captures and they only add to my confusion.
I am sure the NAT translation is the problem but I don’t know enough about NAT to fix it.
I know this is a super long detailed way of saying is there a document that tells you how to add a remote extension over VPN? I tried the following " https://www.grandstream.com/sites/default/files/Resources/ucm6xxx_remote_extension_configuration_guide_0.pdf " but this document does not use VPN between locations. I tried using the document before creating the VPN and that did not work either.