• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1322
  • Last Modified:

Voip problem in Juniper

After 6 months, we've finally finished setting up our Juniper SSG firewall. VPN and routes, etc are finally working. All except one thing: VOIP.

I have a VOIP server running on asterisk. I also have an IM server on a separate box. Both are connected to the DMZ with internal IP of IP 53.0.0.x. So we've set the required ports on Juniper so that it can pass traffic through VIP to the specific computer.
Now, the IM server works great (causing me to believe that the policy & routing in SSG is fine for the IM Server).
But the VOIP part is not working (the VOIP vendor blames it on the SSG, but I find it 80% unlikely because it was setup teh same way as IM routing was set up)

Now the question is, how do we know for sure that the port requested by the VOIP guy has been opened correctly by my network guy? (I'm working with 2 vendors). I tried telnet 1234 (port 1234) but it failed to connect

The connection to these servers uses a public IP (say, to which we've assigned VIP on SSG so that it will direct traffic from some ports to different computers.

Btw, the voip guy use x-lite software to test the connection.
2 Solutions
Kamran ArshadIT AssociateCommented:

Disable ALG ( Application Level Gateway) as suggested in below article;

Sanga CollinsSystems AdminCommented:
also use source based NAT on the outgoing VOIP policy
SW111Author Commented:
I'm going to ask my network guy and voip guy to try out both solutions.
Please allow one week for us to figure out how to do these. I'll get back to you guys then.
Thanks so much for the input.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now