Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 5 replies
  • Answers 2 answers
  • Subscribers 32 subscribers
  • Views 2527 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UDP Timeout vs UDP Timeout Stream

JeffCooper

Hi,

We're getting one-side of calls randomly going silent.

The default values of my XG2300 are

UDP Timeout 30

UDP Timeout Stream 150

I read I should increase the timeout to 150, but should I make them match? increase both 5x? 

I don't understand the difference between two or what new problems I could encounter by messing with them.

Thanks,

Jeff



This thread was automatically locked due to age.
  • 0

    Hello ,

    Thank you for reaching out to the community, Set the timeout value in seconds for UDP connections that have not yet been established. Available values are 30-3600.
    No problem at all in changing the values !!

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • 0

    Hi JeffCooper

    JeffCooper said:
    one-side of calls randomly going silent.

    If your voice server is hosted on the cloud, check the issue by creating an FQDN base firewall rule and keep it on TOP of all firewall rule and check with packet capture it might help to investigate the issue?

    Thanks and Regards 

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • 0

    I found a series of steps to (I think) take care of this. I've received no reports of dropped calls in well over a week!

    Log in to the console.

    Double the udp timeout (I don't know the difference between these but I doubled them both)
    > set advanced-firewall udp-timeout 60
    > set advanced-firewall udp-timeout-stream 300

    You can view the current settings with
    > show advanced-firewall

    It wasn't enough to not enable SIP, I had to unload the SIP and h323 modules.
    > system system_module sip unload
    > system system_module h323 unload

    You can verify they're unloaded with
    > system system_module show

    I also disabled a couple other things (I found here: https://www.only-forward.net/2021/03/sophos-xg-siph323-voip-call-issues.html) I am not using an onsite PBX, I'm running a Mitel cloud solution, but I was desperate.
    > set ips sip_preproc disable
    > set vpn conn-remove-tunnel-up disable

    I'm not positive what these are all about. NOTE: my ipsec remote access vpn DID continue working after I made the above change.

    I am not positive which of these things were instrumental in making it work, I just know that just changing the timeouts wasn't enough, but all of the above DID work for me (average mileage may vary).

    Thanks,

    Jeff

  • 0 in reply to JeffCooper

    In my case, raising the udp-stream-timeout to 150 and leaving SIP enabled worked. Disabling SIP broke things for me. Also having VoIP phones on a separate VLAN with minimal rules, no TLS inspection, etc.

  • 0 in reply to Wayne Folta

    Trying a new set of values to see if that stops my VoIP services having very small breaks which are noticeable to me.

    Mine XG have different default values 30 and 100.

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

Unfiltered HTML