Video Conference not working during failover


#1

Hi guys, I have a problem which need your help.

Peplink Balance Mode: BPL-210
Firmware: 6.3.3 build 2526
Mode: Drop-in

I’m trying to setup inbound port forwarding for one of my customer’s video conferencing. The setup is as follow:

Peplink — Fortigate firewall — LAN

The firewall has DNAT configured with ISP1 public IP (A.A.A.A) mapped to customer’s internal video conference equipment (192.1.1.40).

The Peplink currently has the following configuration:

  • Add A.A.A.A IP as a server.
  • Map ISP2 IP (B.B.B.B) to A.A.A.A via inbound port forwarding on all TCP and UDP ports.

VC works fine on both connections. However, once we disconnect ISP1 connection, our customer tried to establish VC using B.B.B.B as destination IP, but the call drops as soon as it is received. Does anyone know what could be the issue? The firewall does not show any deny action so we can assume the traffic is being allowed in.


#2

Hi,

Not sure whether VC need to change any setting for such setup (Double NAT for Peplink & Firewall).

Can you please perform packets capture from Peplink & FortiGate to confirm whether VC traffics is NATed and pass-through both devices ?

You can perform packets capture by using support.cgi page:


Thank You


#3

Hi sitloongs, thanks for your input. I did not know about the packet capture function on Peplink. I will probably only be able to do it during the next testing window. Do you have a sample of how the packet should look like if the NAT mapping from ISP2 to ISP1 is performed?

On a side note, are there any special settings that we should watch out for these kind of real-time traffic? (Video, VoIP etc…)


#4

Our Network Capture is a pcap file. You can use Wireshark to open it. We will capture the traffics that pass through LAN and all WANs. If WAN is running in NAT mode, you will see IP subnet for WAN is communicating with others public IPs.

I requested Remote Assistance to check further in ticket. Please help to follow up from there.

Thank you.