Solved

Voip problem in Juniper

Posted on 2009-05-07
3
1,307 Views
Last Modified: 2013-11-12
After 6 months, we've finally finished setting up our Juniper SSG firewall. VPN and routes, etc are finally working. All except one thing: VOIP.

I have a VOIP server running on asterisk. I also have an IM server on a separate box. Both are connected to the DMZ with internal IP of IP 53.0.0.x. So we've set the required ports on Juniper so that it can pass traffic through VIP to the specific computer.
Now, the IM server works great (causing me to believe that the policy & routing in SSG is fine for the IM Server).
But the VOIP part is not working (the VOIP vendor blames it on the SSG, but I find it 80% unlikely because it was setup teh same way as IM routing was set up)

Now the question is, how do we know for sure that the port requested by the VOIP guy has been opened correctly by my network guy? (I'm working with 2 vendors). I tried telnet 1.1.1.1 1234 (port 1234) but it failed to connect

The connection to these servers uses a public IP (say 1.1.1.1), to which we've assigned VIP on SSG so that it will direct traffic from some ports to different computers.

Btw, the voip guy use x-lite software to test the connection.
0
Comment
Question by:SW111
3 Comments
 
LVL 32

Accepted Solution

by:
Kamran Arshad earned 250 total points
ID: 24333255
Hi,

Disable ALG ( Application Level Gateway) as suggested in below article;

http://www.trixbox.org/forums/trixbox-forums/help/juniper-ssg-firewall-trixbox
0
 
LVL 18

Assisted Solution

by:Sanga Collins
Sanga Collins earned 250 total points
ID: 24337413
also use source based NAT on the outgoing VOIP policy
0
 

Author Comment

by:SW111
ID: 24342698
I'm going to ask my network guy and voip guy to try out both solutions.
Please allow one week for us to figure out how to do these. I'll get back to you guys then.
Thanks so much for the input.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you think no one can listen in on your VOIP conversations, eh? Well... if you haven't setup Secure Real Time Transport (SRTP), your voice communications can be hacked into by just about anyone! First, let's talk about the intended audience for…
Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now