No announcement yet.
  • Filter
  • Time
  • Show
Clear All
new posts

  • Switch Not Communicating

    Good morning! I am definitely not an installer, I am the IT guy for a mid-sized medical practice looking for some good advice. We have two locations using Shoretel and at our smaller location the edge router had a situation and we replaced it. To add a little complication, we had just installed, but were not yet using a new Internet service at the site which was faster (300Mbps coax vs 10Mbps fiber) and much cheaper. We already had a new ASA on hand configured for this new ISP so we quickly installed it to bring the site back up. The only delay in this was getting our external IT vendor to create the new VPN using the new static IP which was done and traffic is not passing between the two sites.

    Here is our issue that I hope I can get some advice on. The Shoretel switch and phones in that location are using the same network as the regular clients. From our main location, I can successfully ping the phones and switch over the VPN. From the remote location, I can successfully ping the server and other switches located at the main location. Looking at Connectivity on Shoretel Director, the remote switch can see itself, the server, but not the other two switches at our main facility. I know that Shoretel is using UDP for traffic and pinging is ICMP so obviously ICMP is working. I have our external IT vendor as well as our Shoretel vendor working on this issue. This site has been down for three days without resolution and I'm growing anxious to get it back up. Can you guys give advice on what I could possibly relay to these companies that maybe they haven't looked at yet? The entire VPN was rebuilt, so maybe there is something there that needs allowed, checked, etc. to allow this traffic to flow?

    I appreciate any help you can provide!


  • #2
    What are you using for the VPN tunnel ? (firewall type)


    • #3
      I will usually telnst to a switch and ping from there. Then I can be sure the gateway is ok, etc.Also the Shoregear CLI has a utility called LSP_Ping that will use UDP port 5440 to verify connectivity. Shoretel uses UDP port 5440 to verify switch connectivity, and UDP port 5446 for servers.

      I just had a case where one of my switches would not connect to switches at a remote site, but showed OK to the server at HQ and the DVS at that same location. Site to site pings were all OK. After lots of troubleshooting with Wireshark it appeared that the UDP port 5440 data packets were being sent out, but were not arriving at the remote side. We basically put it on the IT to check his VPN.

      Eventually we changed the IP address of the SG switch, then changed it back. Now it works fine. I don't know what the problem was, or why it started working. There was no IP conflict. Just changing the IP address fixed it. I still think it was a router issue, but no way I will know for sure.


      • #4
        So the HQ site and the remote site are using the same subnet or on the same subnet?? Is the traffic over the VPN being NATed ??


        • #5
          sounds like LSP troubles too me. occdave's recommendation of using lsp_Ping "" is the best start if you get more than a few missing packets then you have lsp being hijacked somewhere.