    We have a two site system consisting of:

    HQ Site:
    HQ server
    Conference Bridge
    2 x SG-220T1A
    2 x SG-T1k
    2 x SG-24A
    120 x ShoreTel230g phones

    Remote Site:
    1x DVM Server
    1 x SG-90V (Not used for Voicemail)
    1 x SG-50
    1 x SG-T1k
    24 x ShoreTel 230g phones

    Sites are connected via a VPN (Checkpoint R65 @ HQ to Checkpoint UTM-1 Edge @ Remote Site) With a 10Mbps connection at HQ and a T-1 at the remote site.

    We initially forced all calls between sites to use the PSTN by configuring each user with PSTN failover settings and setting admission control bandwidth to 0 to force PSTN failover. Now we are changing direction and wish to use the WAN for Inter-Site calls. After opening up the Admission control bandwidth at both sites to 1024, we find the we can only make Inter-Site(WAN) calls from the remote site to HQ, but not the other way around.

    When trying to make a call from HQ to the remote site, it uses PSTN failover, and the following is set in the Windows Application event log on the HQ server:

    Event Type: Information
    Event Source: ShoreWare
    Event Category: Switch
    Event ID: 1338
    Date: 10/5/2010
    Time: 7:46:00 AM
    User: N/A
    Computer: <HQ Server Name>
    Switch <SwitchName>: Using PSTN failover to reach extension 1176 from extension 3703, reason eReason_Timeout

    If I disable PSTN failover for the user I am trying to call, when I dial then the phone shows an active call (Timer counting Up) and shows the extension number I am trying to call, but just sits there in silence for about 4 minutes and then goes back to idle (call disappears).

    ShoreTel support is stumped but thinks it is our network. I don't doubt that is true, but can't find anything wrong. The firewalls are not dropping any traffic (Except for the occasinal out of sequence packet). Routing between subnets and sites seems to be working fine.

    Can anyone give me some clues as to what could cause this? Possibly what log files to look at and what to look for in them? Can someone also describe the communication between the different devices (for an inter-site call) that I should be seeing if I start doing packet captures? (IE: Phone-switch, switch-switch, switch-phone, Phone-phone, etc.) I was told in our admin training class that once the call is setup by the switches, the phones talk directly to each other, but am not sure.

    Thanks in advance for any insight you can provide.


    Hi Aaron, can we assume that all is Green in Switch Connectivity? The ShoreGear switches as you quite rightly state only are involved in Call Setup and Teardown.


      Yes, the Switch Connectivity screen showed all green.

      We ended up replacing the VPN with a Point to Point T1 at that site and the problem was solved.

      We now have implemented ShoreTel at another Checkpoint VPN site and are experiencing other problems, but calls can be made both directions for the most part, but not reliably. This time the switch connectivity screen shows lots of red and it changes from time to time. Also, lsp_pings are failing between certain switches and/or servers. It is not consistent to a particalar site/subnet though as one swich can connect to the remote switches and one sitting right next to it on the same subnet cannot. Still seems to be VPN "gremlins". We are still trying to determine what is wrong.


        Don't forget to check your MTU and MSS. I had a VPN with a MSS of 1500, but add on the VPN header and the total packet size was around 1548. This was too large to traverse the ISP's network, so the ShoreTel switch would show as coming up and going down again every few seconds. This was because the first few packets of the protocol went through fine, until the server tried to send one that hit the 1500 limit.