Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 6 subscribers
  • Views 10921 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VoIP phone configured to FW interface

fmnh_support

I'm trying to test out VoIP system by connecting a VoIP phone directly to an available firewall Ethernet interface. I'm having some configuration problems getting the phone out to the internet to establish a connection to our VoIP provider. This is to test the latency/voice quality problems we are experiencing on our internal network. Please advise. 



This thread was automatically locked due to age.
  • 0

    You should only need to open any firewall ports that your VoIP service requires. Talk to your provider for those ports and then configure them. Worse case, temporarily use an Any to Voip Device rule for testing purposes.

  • 0

    What VoIP Protocol?

    Ask your phone provider for a list of needed IP addresses and port ranges. Then, open them up.

    Ensure you have an exclusion set within IPS if you have that enabled. 

    Ensure the traffic is being NAT'd correctly so it can actually get externally. 

    If using SIP or H.323 try the built in VoIP helpers. 

  • 0 in reply to Dlabun

    Thanks for the quick reply and solution but thats not exactly what I’m trying to accomplish. I simply want to hang one voip phone off the eth6 interface on the firewall. I want this one phone to be the only thing connected to this interface and be able to get out through my external interface.  To expand on our voice quality testing I am trying to eliminate any possible firewall conflicts by attaching the phone directly to the firewall on it’s on interface. 

  • 0 in reply to fmnh_support

    That's exactly how I have my VoIP phone setup. It sits directly on eth3 on my SG105 and talks to the internet. As long as you properly configure your ethernet interface there's nothing stopping you from connecting your Voip phone straight to the firewall. Again, just set up the firewall and NAT rules as required and it'll work.

  • 0 in reply to Dlabun

    Interesting, thats what I’m trying to accomplish too… my challenge is configuring eth6 interface and NAT rules correctly. I’ve attempted several different variations. Would you mind sharing some specific details on how it should be setup or what worked for you? Thanks

  • 0 in reply to fmnh_support
    Since I have a Sophos appliance I used the default setup for the interfaces. The interface I attached to the phone has its own DHCP server on the UTM and then it's NAT'd to the WAN. My provider has pretty good documentation so I just created rules allow access to their IP range over any protocol plus access to Google DNS. I'm not in the office at this moment so I can give you more specific information later. One key is don't use the SIP handler on the UTM, it seems to breaks everything with VoIP calls.
  • 0 in reply to Dlabun

    here is my configuration. any help would be greatly appreciated. 

    on Eth6; Name:VoIP; Type: Ethernet; IPv4: 172.16.0.1; Netmask: /24

    DHCP; Interface: VoIP; Range Start: 172.16.0.2; Range End: 172.16.0.10; DNS 1: 208.67.222.222; DNS 2: 208.67.220.220; Gateway: 172.16.0.1

    NAT Masquerading; Network: VoIP network; Interface: External;