This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem between RED and XG - transmission of the voice

Hello,

we have a problem with the transmission of the voice on our IP telephones between the XG and the SD-RED 20.

The connection can be established (it rings and you can pick up the receiver), but nothing can be heard.

The RED is located in the network 192.168.150.0/24

The XG in the network 192.168.130.0/24.

The telephone system has the 192.168.130.251.

Otherwise all traffic between the XG and the RED works.

Do any routes have to be set here in addition to the firewall roles?

Thank you very much and best regards ...

Martin



This thread was automatically locked due to age.
Parents Reply Children
  • FormerMember
    0 FormerMember in reply to Admin TSK

    Assuming you have kept RED in the VPN zone.

    In this case, you just need VPN to LAN firewall rule to communicate between Sophos Firewall local network: 192.168.130.0/24) and RED network: 192.168.150.0/24

    If it's in the LAN zone, then a firewall rule needs to be configured with LAN as a source and destination zone.

    Please take the packet capture by following the below steps:

    ==> Navigate to Diagnostics > Packet capture

    ==> Use BPF string: host 192.168.150.x and proto ICMP

    Here, 192.168.150.x is an IP address of the source machine from where you're checking ICMP(ping).

    ==> Start the capture and initiate a ping from the RED network machine.

    This would confirm whether traffic from the RED network hits on Sophos Firewall or not.

  • I have to explain it a little differently again.

    From the LAN (192.168.130.0) I can get into the RED network (192.168.140.0) without any problems.

    My problem is that I cannot get into the RED network from the VPN network (172.168.130.0).

    With a ping to 192.168.150.101, for example, "Response from 62.155.247.198: Target network cannot be reached."

    However, I do not know this IP.

    I have set up a firewall rule VPN - RED / RED - VPN.

    However, this has not yet resulted in success.

    Can you help me here?

    Best wishes
    Martin

  • FormerMember
    0 FormerMember in reply to Admin TSK

    Which VPN are you using?

    Could you please also post a snapshot of the RED interface configuration?

    It would be great if you can share a rough network diagram.

  •  Hello,

    I have attached my RED config. Unfortunately I don't have a network diagram. But it's nothing great.

    I have a

    1. LAN: 192.168.130.0/24
    2. VPN: 172.168.130.0/24 - Sophos Connect
    3. RED: 192.168.150.0/24

    Everything works between LAN and VPN / RED
    Not between VPN and RED.

    He just doesn't know the route from 172.168.130.0 to 192.168.130.0.

    Best wishes
    Martin

  • FormerMember
    0 FormerMember in reply to Admin TSK

    Request to follow the steps below to check packet flow:

    ==> Go to Diagnostics > Packet capture

    ==> Enter BPF string: host 192.168.150.101 and proto ICMP

    ==> Start a ping to 192.168.150.101 from VPN network 172.168.130.0/24 and share packet capture snapshot.

  • here?

    if I set this and execute a ping nothing happens ...

  • FormerMember
    0 FormerMember in reply to Admin TSK

    Start packet capture with BPF string: host 192.168.150.101 and proto ICMP as shown below.

    Then, ping to 192.168.150.101 from VPN network 172.168.130.0/24 and share packet capture output.

  • Ok... i have do this...

    The result is... no entries...

    We have a second RED, with IP 192.168.140.0/24

    A PC behind it has the IP 192.168.140.103

    The two networks simply cannot seem to see each other.

    Martin

  • FormerMember
    0 FormerMember in reply to Admin TSK

    Which VPN are you connecting to? Is it remote access VPN or site to site?

    Please take packet capture on IP address to which you're testing ping connectivity. 

    eg: host 192.168.150.101 and proto ICMP

    or 

    host 192.168.140.103 and proto ICMP

  • We use the Sophos Connect client.

    When I send the ping from the RED network, the following appears in the log ...



    When I send the ping from the VPN network and change the host to 172.168 ... nothing appears in the log ...