ITLighthouse
asked on
How can I route VOIP traffic over a 2nd WAN connection?
We have a Sonicwall TZ-200 firewall facing the internet and a Cisco 1700 router that handles routing for the two VLANs that we have. The VOIP system is on a separate VLAN than the other computers. We are looking to add a 2nd WAN connection and have the VOIP traffic routed over the existing T1 line and all other internet traffic routed over the new faster Comcast line. First of all, is this possible with our existing hardware? If so, how can I configure this? I know the TZ-200 can handle dual WAN but not sure if it can split traffic based on protocol/service. Supposedly Sonicwall NSA devices can do this, but what about the TZ? If not, please confirm what hardware I would need to accomplish this.
John Meggers
My (admittedly very limited) experience with Sonicwall is their dual external interface traffic rules can be either active/passive failover, per-destination round-robin, spillover (when primary bandwidth exceeds x amount) or percentage-based (x percent to primary, y percentage to secondary). I don't know of a way you can control what path a specific type of traffic will take, unless all VoIP is going to one location, and you may be able to configure a static route for that destination. But then everything would take that path, not only the VoIP traffic.
If your phones have different ips than the computer network, then just rote data from that subnet where you want it to go.
I will give more detail once I get back in the office
are you running an enhanced OS on the sonicwall? if you add an additional WAN interface, then you now have two gateway's...or that's how sonicwall sees it. once setup, you can tell the sonicwall to send specific traffic out a specific gateway via zone or interface.
Ahh.. I never did get back like I said I would, I deleted the email. :-) Anyway, setup a second wan interface. Create a site to site VPN on the sonicwall and assign it to the x2 or whatever interface as you set up as the second WAN. Make sure to setup your local and destination networks to reflect only the traffic you are wanting to send across. Depending on how you set up the VPN you may or may not need to create a manual route. It should autocreate routes based on the source and destination networks of your site to site VPN
ASKER
I'm running enhanced OS on the sonicwall. I'm not sure I understand what setting up a VPN would accomplish, or why that would be needed.
The only thing I can think of is to setup the 2nd WAN on the Sonicwall and somehow bind that to a 2nd internal IP address to act as another gateway for the local network. And then configure the Cisco to route traffic from the VOIP VLAN to that 2nd gateway. But that might mess up the ability for the call manager clients on one VLAN to communicate with the VOIP server on the other VLAN.
Digitap: can you expand on your explanation?
The only thing I can think of is to setup the 2nd WAN on the Sonicwall and somehow bind that to a 2nd internal IP address to act as another gateway for the local network. And then configure the Cisco to route traffic from the VOIP VLAN to that 2nd gateway. But that might mess up the ability for the call manager clients on one VLAN to communicate with the VOIP server on the other VLAN.
Digitap: can you expand on your explanation?
sure. i have a link below that walks you through setting up a secondary gateway. essentially, once you've setup the secondary gateway, you merely create a route and assign a group of services, http, https, etc, to utilize the secondary gateway (comcast).
https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7781
hope that helps...
https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7781
hope that helps...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Doink.. sorry about the VPN piece. Who knows what I was thinking. Probably thinking about an exchange sonicwall vpn issue that I was posting on earlier. . skip that.. I meant to keep on the track of just setting up routes, nat and firewall rules.
ASKER
I think that article about routing SMTP traffic was the piece I needed. I would just change the service to VOIP and make sure it encompasses all the ports involved. I will give it a try and let you know how it goes.
Thanks for the suggestions!
Thanks for the suggestions!
you're welcome. looking forward to the results!
routing specific traffic out a secondary WAN is straight forward. my solutions here, http:#a34169328, and here, http:#a34169333, would be sufficient for configuring that.
ASKER
As it turns out, the VOIP traffic wasn't even going through the Sonicwall to begin with, but is beingn split off somewhere else on the network. But your solution is what I would have needed to configure.
Thanks.
Thanks.