Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 45896 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

The right voip setup?

fooc

I'm setting up my first sopos xg and having a lot of troubles setting up voip.

On the utm boxes i always use the sip support helper and i dont have to make any extra rules to make voip work.

Is the best way on the sophos os to disable the sip from the cli and set up a rule like in this topic?

https://community.sophos.com/products/xg-firewall/f/125/p/76765/295156#295156

Do I also need an incoming rule?



This thread was automatically locked due to age.
Parents
  • 0

    Hi, 

    Yes you need an incoming rule, the referred post is to apply QoS on VoIP protocols. 

    Please refer the link to load or unload SIP protocol:

    https://community.sophos.com/kb/en-US/123523

    Hope that helps.

    Thanks

  • 0 in reply to sachingurung

    Hi,

    So when you have 10 voip phones you have to make 10 incoming rules?

  • 0 in reply to fooc

    No, you should not need incoming rules.

    I have had multiple phones/ATA's registered to a couple of different providers with no incoming or outgoing rules, just works.  The form link in your OP is my post.  That policy was to apply QoS, but is not needed to make VoIP itself work.

    Why do you not need incoming rules?  Because your VoIP devices always initiate the connection.  Therefore all incoming traffic is just part of an established flow.

    When your voip device first registers via SIP, that is outbound traffic and is the connection/flow that allows you to receive an inbound SIP message signalling that you have an incoming call, so it comes in without having to have a rule.  (Note:  SIP is NOT VoIP, it is the most commonly used signalling component for VoIP).

    When your phone initiates or receives a call, it will negotiate what UDP ports to use for the RTP stream (the actual voice packets) with the provider's Session Border Controller.  Your device will start that stream and what the provider is sending is just return traffic, so it comes in without having to have a rule.  What will break this is if the provider does not use SBC's to proxy the RTP, then it can get ugly.

    What I just described will work with the vast majority of VoIP scenarios, there are always going to be corner cases that require special handling.

    If you are having problems, please detail what is happening.  For example:  Can make outgoing calls, but not receive.  Have no or one-way audio.  Etc.  Also, who is the provider?

  • 0 in reply to DavidWilliams1

    Hi David,

    Thanx for your clarification, voip is working good now, i had to disable the sip helper also.

Reply Children
No Data