Tweet
I have read many of the VPN issues that have been posted and experienced many of the same problems as I a remote site with users and a roaming sales force that are home office based. So I thought I would share my success and hopefully reduce some of the pain other folks are feeling.
1. My firewall/VPN solution is Sonicwall LZ170. I am running voice across the internet via a site to site VPN between two LZ170's. One end has a 3Mbps Ethernet connection the other a 512Kbps DSL. The latency is in check and the dropped calls are minimal, one or two a month.
2. The remote sales folks are all using the soft-phone client from their laptops using the Sonicwall VPN client. I also use this same setup regularly to ensure I am experiencing the same issues that come up in the field. I use a Logitech USB headset, nothing fancy ($30) with excellent results.
3. The soft-phone client leaves a lot left to be desired in many areas but that is another discussion. The one single point I do want to make is, any other email or large file transfer DOES affect the voice quality OUTBOUND and the user on the other end will tell you that it is choppy. I suspect that this is related to QoS with Windows operating (XP SP2) on which application sends data first. The Shoretel soft-phone client loses every time.
4. Some folks are willing to work with the soft-phone and others aren't...Since the VPN client is tied to the laptop, I needed another way to build a VPN tunnel for the IP-230 phone without making this complicated or expensive.
5. The answer was the Zyxel Zwall P1 security appliance ($70) and a IP Sec tunnel to the Sonicwall. The Zwall P1 is not much bigger than two packs of cigarette's and easy to configure. It only supports (1) VPN tunnel which is perfect and has a host of options to troubleshoot. The current configuration has the Zwall P1 sitting behind a cable modem (Linksys WCG-200), the Zwall P1 does the NAT & NAT traversal etc. The key to the config is the Sonicwall uses the internet address on the Linksys WCG-200 Ethernet interface as the distant gateway and the Zwall P1 is still hidden. This will be an issue for users that do not have a static IP address. Luckily my IP address doesn't seem to change when DHCP lease expires (Comcast). I have seen others change every time their local router is rebooted, not good.
I hard coded the IP address settings on the IP-230 phone to make life simple as the Zwall P1 does not support the required Option 156 for DHCP to work correctly. It probably would work if I enable routing and did DHCP forwarding to the proper subnet but too much complication.
This is a IP Sec tunnel from the Zywall to the Sonicwall, no fire walling as it is not needed or other advanced security options. There are security other options available to use, I wanted to keep it simple.
I hope this helps reduce the pain with voice over the VPN, although as several others have already stated, a bad internet connection will not solve the voice quality problem only magnify it. Also I do have a couple of folks running a wireless connection to their home office router and the voice seems to work fine with the added latency most of the time. I remind them of all of the potential issues of interference etc. when the call me with a problem. Having the Zywall P1 in place will remove this as they will not be using the Soft-phone any more.
Chris
1. My firewall/VPN solution is Sonicwall LZ170. I am running voice across the internet via a site to site VPN between two LZ170's. One end has a 3Mbps Ethernet connection the other a 512Kbps DSL. The latency is in check and the dropped calls are minimal, one or two a month.
2. The remote sales folks are all using the soft-phone client from their laptops using the Sonicwall VPN client. I also use this same setup regularly to ensure I am experiencing the same issues that come up in the field. I use a Logitech USB headset, nothing fancy ($30) with excellent results.
3. The soft-phone client leaves a lot left to be desired in many areas but that is another discussion. The one single point I do want to make is, any other email or large file transfer DOES affect the voice quality OUTBOUND and the user on the other end will tell you that it is choppy. I suspect that this is related to QoS with Windows operating (XP SP2) on which application sends data first. The Shoretel soft-phone client loses every time.
4. Some folks are willing to work with the soft-phone and others aren't...Since the VPN client is tied to the laptop, I needed another way to build a VPN tunnel for the IP-230 phone without making this complicated or expensive.
5. The answer was the Zyxel Zwall P1 security appliance ($70) and a IP Sec tunnel to the Sonicwall. The Zwall P1 is not much bigger than two packs of cigarette's and easy to configure. It only supports (1) VPN tunnel which is perfect and has a host of options to troubleshoot. The current configuration has the Zwall P1 sitting behind a cable modem (Linksys WCG-200), the Zwall P1 does the NAT & NAT traversal etc. The key to the config is the Sonicwall uses the internet address on the Linksys WCG-200 Ethernet interface as the distant gateway and the Zwall P1 is still hidden. This will be an issue for users that do not have a static IP address. Luckily my IP address doesn't seem to change when DHCP lease expires (Comcast). I have seen others change every time their local router is rebooted, not good.
I hard coded the IP address settings on the IP-230 phone to make life simple as the Zwall P1 does not support the required Option 156 for DHCP to work correctly. It probably would work if I enable routing and did DHCP forwarding to the proper subnet but too much complication.
This is a IP Sec tunnel from the Zywall to the Sonicwall, no fire walling as it is not needed or other advanced security options. There are security other options available to use, I wanted to keep it simple.
I hope this helps reduce the pain with voice over the VPN, although as several others have already stated, a bad internet connection will not solve the voice quality problem only magnify it. Also I do have a couple of folks running a wireless connection to their home office router and the voice seems to work fine with the added latency most of the time. I remind them of all of the potential issues of interference etc. when the call me with a problem. Having the Zywall P1 in place will remove this as they will not be using the Soft-phone any more.
Chris
Comment