Solved

Voip problem in Juniper

Posted on 2009-05-07
3
1,312 Views
Last Modified: 2013-11-12
After 6 months, we've finally finished setting up our Juniper SSG firewall. VPN and routes, etc are finally working. All except one thing: VOIP.

I have a VOIP server running on asterisk. I also have an IM server on a separate box. Both are connected to the DMZ with internal IP of IP 53.0.0.x. So we've set the required ports on Juniper so that it can pass traffic through VIP to the specific computer.
Now, the IM server works great (causing me to believe that the policy & routing in SSG is fine for the IM Server).
But the VOIP part is not working (the VOIP vendor blames it on the SSG, but I find it 80% unlikely because it was setup teh same way as IM routing was set up)

Now the question is, how do we know for sure that the port requested by the VOIP guy has been opened correctly by my network guy? (I'm working with 2 vendors). I tried telnet 1.1.1.1 1234 (port 1234) but it failed to connect

The connection to these servers uses a public IP (say 1.1.1.1), to which we've assigned VIP on SSG so that it will direct traffic from some ports to different computers.

Btw, the voip guy use x-lite software to test the connection.
0
Comment
Question by:SW111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 32

Accepted Solution

by:
Kamran Arshad earned 250 total points
ID: 24333255
Hi,

Disable ALG ( Application Level Gateway) as suggested in below article;

http://www.trixbox.org/forums/trixbox-forums/help/juniper-ssg-firewall-trixbox
0
 
LVL 18

Assisted Solution

by:Sanga Collins
Sanga Collins earned 250 total points
ID: 24337413
also use source based NAT on the outgoing VOIP policy
0
 

Author Comment

by:SW111
ID: 24342698
I'm going to ask my network guy and voip guy to try out both solutions.
Please allow one week for us to figure out how to do these. I'll get back to you guys then.
Thanks so much for the input.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: user_n
How Sip Phone (User Agent) works and communicates with sip servers 1.  There is a sip server and a sip registrar.  The sip server and sip registrar can be one server or two different servers. The sip registrar is the server on which it is record…
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question