Routing Asterisk traffic evading a VPN

pgb asked:

I have two offices set in two distant locations, connected through a IPSec VPN (using pfSense). On one office, I have an Asterisk PBX where all the extensions connect, and the Asterisk PBX is configured with a Flowroute trunk.

Here’s some ascii diagram:

--------------          ---------------             -------------
| office 1   |  IPSec   |  office 2   |    lan      | Asterisk  |
|  pfsense   | -------- |   pfsense   |-------------|           |
--------------          ---------------             -------------
      |                        |
      |                        |
internet link 1           internet link 2

When I make calls from office 2 through Flowroute, they work perfectly fine. However, when I make calls from office 1, there’s some echo. I’m using IP phones, so the echo is not caused by analog terminals.

My guess is that the SIP traffic from office 1 is going through the VPN and then routed to Flowroute (through internet link 2).

How can I make it so the traffic is routed through internet link 1 instead? I only want to use SIP traffice over IPSec for internal calls (extensions on office 1 calling extensions on office 2, where some echo is acceptable).

My answer:


Put another Asterisk server in Office 1.

Have the two servers talk to each other (e.g. IAX) for inter-office calls, and have each of them route PSTN calls directly to your upstream provider. The provider should be able to give you sub-accounts for each of your servers, so that incoming calls can be routed to the correct one.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.