Hi All,
I'm working with a customer to get wireless YeaLink phones to communicate to Jive Voice hosted PBX. The customer has several wired phones of this model on the LAN and they all work without an issue. There are 6 wireless phones on the wireless. The wireless phones were put on a guest SSID which uses Meraki DHCP with NAT over to the LAN IP space. I created a wireless SSID specifically for these devices. I configured the SSID to use bridge mode so that the devices can get IP addresses right off the LAN.
These phones are recieving an IP address, but they are not getting SIP service, and when they did on the regular SSID, it was intermittent.
I was told from the phone vendor to configure the following, my questions and remarks are in bold:
I was also told that I need to configure the following:
Jive Voice handsets must have unfiltered access to Jive’s network ranges. These IPv4 and IPv6 ranges are listed below and are also available in a automatically parsable (and updated) form here. Description Block Netmask Wildcard Jive Block 1 199.36.248.0/22 255.255.252.0 0.0.3.255 Jive Block 2 199.87.120.0/22 255.255.252.0 0.0.3.255 Jive Block 3 162.250.60.0/22 255.255.252.0 0.0.3.255 Jive Block 4 208.34.80.0/21 255.255.248.0 0.0.7.255 Jive Block 5 208.34.96.0/20 255.255.240.0 0.0.15.255 Jive IPv6 2606:CB00::/32 — — Our recommendation is to create explicit rules that allow traffic to and from Jive’s IP blocks (LAN→ WAN and WAN→ LAN) and set high in priority — even if this is implicitly stated in another access rules down the list.
What would be the best way to accomplish this task? Would I need to use 1 to Many Nat for the IPs on the lan for the phones?
I appreciate any help and insight.
Tory Davenport
Solved! Go to solution.
I found a doc with some info on Jive that might be of use.
https://jive.com/resources/support_page/onboarding/network-readiness-2/quality-service-qos/
Now I don't have clients with Jive, but I do have clients with RingCentral on Meraki and using wireless and also using YeaLink phones.
Attached is the a working config we have used with RC and Meraki.
If you are using bridge mode most of those settings don't apply.
Does the Wireless firewall allow local LAN traffic?
Wireless/Firewall & Traffic Shapping
Yes they are.
You should not need to do any of that. I have at least one customer I can think of using Jive with Meraki although their wireless is non-Meraki. Are they using iPhone or Android? I think you have more of a wireless or app issue to troubleshoot.
They are using YeaLink SIP-T46S physical phones. I ran a packet capture on the LAN and WAN. The SIP traffic is not leaving the WAN port, on the LAN capture I can see the phones trying to register, but they do not seem to have success.
If you attach a notebook to the new SSID can it access the Internet?
Yes they do have internet access on that SSID.
I found a doc with some info on Jive that might be of use.
https://jive.com/resources/support_page/onboarding/network-readiness-2/quality-service-qos/
Now I don't have clients with Jive, but I do have clients with RingCentral on Meraki and using wireless and also using YeaLink phones.
Attached is the a working config we have used with RC and Meraki.
Do I understand correct that the desk phones work fine, but only the mobile apps don't? And the mobiles are on an SSID bridged to the wired VLAN that the desk phones are on?
Hi @BrandonS ,
I have not implemented a voice VLAN on the network. The desk phones that are wired are working as required. I assume they are on the same LAN but for some reason I don't see them in the Meraki Dashboard. I've been told they are connected to that same LAN and they are functioning properly. They don't use the mobile app in this scenario, but they are (presumably) wall mounted phones that are operating on the wireless network only. The wireless for the Voice SSID is bridged mode through the AP's to the LAN DHCP pool configured on the MX. I've implemented rules for the appropriate ports recommended by the people who supplied the phones for this customer, however, I did not create the rules as the above solution recommended illustrates, pointing directly to the hosted PBX IP space ranges. I will test and update after morning.
It looks like you need to collect some more data about how they are set up. I think you can safely forget about any firewall and QoS configurations though. If the desk phones are working then any other phones should work too. I don't understand what wall mounted wireless phones you are referring to. If you don't see their phones in the dashboard then they may be on another network you don't know about? You might not see phones if they have never passed traffic through the MX, but even a small amount of usage should get them in your client list. You might also see them in your DHCP lease list if the MX is serving DHCP.
@SoCalRacer THIS is exactly what I am looking. Unfortunately I'm also at the mercy of the customer to test configuration changes as I am working this one remote, so I cannot accept this as a solution until I've implemented and tested the solution. Thank you so much and I will update once the morning passes.
Hey, did you guys ever answer the part about SIP ALG?
It looks like the MX won't use ALG at all according to this link.
VoIP on Cisco Meraki: F.A.Q. and Troubleshooting Tips - Cisco Meraki
Also, how could you used DSCP 48 in the traffic shaping instead of 43 EF, which is there by default.