Rule 0 is denying a lot of UDP packets for RTP from my externally hosted VOIP provider. The format of the errors is:
Log Comp: Appliance Access (ACL related/Rule 0)
Source IP: IP of voip provider
Dest IP: My external WAN IP
PORT: Randomly generated
PORT: randomly generated for each phone
I researched the Sophos documentation and found that rule 0 only acts if the firewall can't find a matching rule, etc. So I created a rule 1 that allows anything from the VOIP provider IP to my internal vlan for voip phones, but nothing is passing through it, and I'm still getting the errors in the Appliance Access logs.
My new rule I added to try to fix this (in position 2 in list). Do I need to edit this to allow voip provider -> my public wan IP instead of voip provider -> internal lan?
Existing rule which has been allowing VOIP to basically work all along and I thought should handle this by populating NAT table for me? (In position 1 in list)
My side thought is, shouldn't the firewall NAT/MASQ be handling this because the phones initially reach out and establish a session through my original outbound rule??? Lots of sessions are regularly being established between the phones and the server with TCP with no issues; it's only these RTP UDP packets.
Also, phone calls are working, but staff have been reporting some garbled audio, and I'm also just trying to track down an inconsistent network connection.
Thank you!