Connecting external sales people to an Avaya PBX using a VPN, any other way?
Tags:
- Connection
- VPN
- Networking
- Avaya
Last response: in Networking
bexinateur
May 22, 2014 7:53:57 AM
We have around 30 sales people working remotely from many different destinations around the world. We have a hosted Avaya PBX in our HQ and they connect using the VPN on the hardphones (Avaya hardphones). The issue is that the voice quality for some of them is terrible due to the weight of the packets through the VPN. Is there a way to connect directly to the PBX with no VPN or should we look at implementing a new system?
I need the external users to have great voice quality. Any advice or help is appreciated.
I need the external users to have great voice quality. Any advice or help is appreciated.
More about : connecting external sales people avaya pbx vpn
-
Reply to bexinateur
bill001g
May 22, 2014 8:11:24 AM
Try the hardphones in vpn mode INSIDE the company to see if you can make it work. We have done this before and the phones have more than enough power to run the VPN and the quality is fine....we mark the outside vpn packets. Still this is over a private network where we control QoS end to end not over the internet.
I suspect your problem is more the internet than the vpn. You of course could put a small vpn device in front to offload the phones but it still is likely jitter or packet loss in the internet path.
You should tolerate more loss if you use g.711 rather than g.729 Even with vpn overhead you should only be sending less that 100k/sec with g.711 and since it has more data to lose the users should not hear it as much.
On VPN the thing that causes CPU/processor issues on devices is packet fragmentation and reassembly. This is seldom a issue for VoIP since the packet size should be fairly small. If you have the VoIP sample size set really high you could get long packets that approach the MTU limits but this is a very non standard option to set.
I suspect your problem is more the internet than the vpn. You of course could put a small vpn device in front to offload the phones but it still is likely jitter or packet loss in the internet path.
You should tolerate more loss if you use g.711 rather than g.729 Even with vpn overhead you should only be sending less that 100k/sec with g.711 and since it has more data to lose the users should not hear it as much.
On VPN the thing that causes CPU/processor issues on devices is packet fragmentation and reassembly. This is seldom a issue for VoIP since the packet size should be fairly small. If you have the VoIP sample size set really high you could get long packets that approach the MTU limits but this is a very non standard option to set.
-
Reply to bill001g
bexinateur
May 22, 2014 8:15:14 AM
I think the issue is the users internet connection as it can be unreliable and the latency can be terrible. This is always going to be an issue as we work in 3rd world and developing countries. However if the VPN is making the packets heavier, should we look at another solution without a VPN connection to make the packets lighter and easier for these external users?
Just looks like the VPN is the only solution for external users to hit the PBX.
Just looks like the VPN is the only solution for external users to hit the PBX.
-
Reply to bexinateur
Related resources
- High ping, 8 times higher than other people who are using the same connection - Forum
- High ping, 8 times higher than other people who are using the same connection - Forum
- How to get VPN to use one DNS and all other connections a diff DNS - Forum
bill001g
May 22, 2014 8:35:17 AM
Unfortunately you need VPN for 2 things. First it depends if you care if people listen into the call. The second is the NAT and firewall issues.
The TCP setup for SIP or H.323 calls has few issues but since they send the IP addresses for the end stations for the voice path inside the packets. There are some firewalls that can fix the NAT by manipulating content messages as they are exchanged and punch holes dynamically but this is still not a common feature even on large commercial firewalls. You would need a firewall/router at each location that could do this. This is why VPN is used to solve this issue most the time.
We have work from home users running softphone clients over our normal ssl-vpn for remote access. It mostly works in the more modern countries but as expected when they are crossing international boundaries from countries with poor internet it does have issues. If the users are mobile you are kinda stuck with this problem. The other thing we do where we have office in the country is allow the users to use analog phones to dial into the local pbx and then use the PBX to route the call over our private network to other countries. We have also mapped internal numbers to their external line so people can call them using out private network rather than international calls. We are somewhat lucky to have offices in almost every country in the world.
The TCP setup for SIP or H.323 calls has few issues but since they send the IP addresses for the end stations for the voice path inside the packets. There are some firewalls that can fix the NAT by manipulating content messages as they are exchanged and punch holes dynamically but this is still not a common feature even on large commercial firewalls. You would need a firewall/router at each location that could do this. This is why VPN is used to solve this issue most the time.
We have work from home users running softphone clients over our normal ssl-vpn for remote access. It mostly works in the more modern countries but as expected when they are crossing international boundaries from countries with poor internet it does have issues. If the users are mobile you are kinda stuck with this problem. The other thing we do where we have office in the country is allow the users to use analog phones to dial into the local pbx and then use the PBX to route the call over our private network to other countries. We have also mapped internal numbers to their external line so people can call them using out private network rather than international calls. We are somewhat lucky to have offices in almost every country in the world.
-
Reply to bill001g
bexinateur
May 22, 2014 8:38:03 AM
bill001g
May 22, 2014 8:49:26 AM
We have looked into some of those. Many offer this as part of their sip trunking packages. We have moved many of our PBX local access circuits to sip trunks but have not take them up on letting users gain access over the internet. This is effect lets the uses terminate the call closer to their house...it is still vpn.. and the calls would then route on their private network.
The problem is always the places where we have the most issues because of poor internet are also the countries these providers also have no local access.
The problem is always the places where we have the most issues because of poor internet are also the countries these providers also have no local access.
-
Reply to bill001g
bexinateur
May 22, 2014 8:52:05 AM
kirobie
July 23, 2014 5:37:58 AM
bexinateur said:
We have around 30 sales people working remotely from many different destinations around the world. We have a hosted Avaya PBX in our HQ and they connect using the VPN on the hardphones (Avaya hardphones). The issue is that the voice quality for some of them is terrible due to the weight of the packets through the VPN. Is there a way to connect directly to the PBX with no VPN or should we look at implementing a new system?I need the external users to have great voice quality. Any advice or help is appreciated.
Hey bexinateur,
Sorry, I know that you wanna try to avoid implementing a new system, but the only one thing that came into my mind that you should use a software-based IP PBX, that has a web GUI (just like this one). This way your system can be configured remotely, and any remote SIP client (including your Avaya hardphones or even mobile phones) can be installed and used wherever they are.
-
Reply to kirobie
Read discussions in other Networking categories
!