Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5466
  • Last Modified:

How can I route VOIP traffic over a 2nd WAN connection?

We have a Sonicwall TZ-200 firewall facing the internet and a Cisco 1700 router that handles routing for the two VLANs that we have.  The VOIP system is on a separate VLAN than the other computers.  We are looking to add a 2nd WAN connection and have the VOIP traffic routed over the existing T1 line and all other internet traffic routed over the new faster Comcast line.  First of all, is this possible with our existing hardware?  If so, how can I configure this?  I know the TZ-200 can handle dual WAN but not sure if it can split traffic based on protocol/service.  Supposedly Sonicwall NSA devices can do this, but what about the TZ?  If not, please confirm what hardware I would need to accomplish this.
0
ITLighthouse
Asked:
ITLighthouse
  • 5
  • 4
  • 3
  • +1
1 Solution
 
jmeggersSr. Network and Security EngineerCommented:
My (admittedly very limited) experience with Sonicwall is their dual external interface traffic rules can be either active/passive failover, per-destination round-robin, spillover (when primary bandwidth exceeds x amount) or percentage-based (x percent to primary, y percentage to secondary).  I don't know of a way you can control what path a specific type of traffic will take, unless all VoIP is going to one location, and you may be able to configure a static route for that destination.  But then everything would take that path, not only the VoIP traffic.
0
 
getzjdCommented:
If your phones have different ips than the computer network, then just rote data from that subnet where you want it to go.
0
 
getzjdCommented:
I will give more detail once I get back in the office
0
Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

 
digitapCommented:
are you running an enhanced OS on the sonicwall?  if you add an additional WAN interface, then you now have two gateway's...or that's how sonicwall sees it.  once setup, you can tell the sonicwall to send specific traffic out a specific gateway via zone or interface.
0
 
getzjdCommented:
Ahh.. I never did get back like I said I would, I deleted the email. :-)   Anyway,  setup a second wan interface.   Create a site to site VPN on the sonicwall and assign it to the x2 or whatever interface as you set up as the second WAN.  Make sure to setup your local and destination networks to reflect only the traffic you are wanting to send across.   Depending on how you set up the VPN you may or may not need to create a manual route.  It should autocreate routes based on the source and destination networks of your site to site VPN
0
 
ITLighthouseAuthor Commented:
I'm running enhanced OS on the sonicwall.  I'm not sure I understand what setting up a VPN would accomplish, or why that would be needed.

The only thing I can think of is to setup the 2nd WAN on the Sonicwall and somehow bind that to a 2nd internal IP address to act as another gateway for the local network.  And then configure the Cisco to route traffic from the VOIP VLAN to that 2nd gateway.  But that might mess up the ability for the call manager clients on one VLAN to communicate with the VOIP server on the other VLAN.

Digitap:  can you expand on your explanation?  
0
 
digitapCommented:
sure.  i have a link below that walks you through setting up a secondary gateway.  essentially, once you've setup the secondary gateway, you merely create a route and assign a group of services, http, https, etc, to utilize the secondary gateway (comcast).


https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7781


hope that helps...
0
 
digitapCommented:
for example, the scenario below is sending SMTP traffic through the secondary gateway.  obviously, you'd choose whichever service you needed.

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5733
1
 
getzjdCommented:
Doink.. sorry about the VPN piece.  Who knows what I was thinking.  Probably thinking about an exchange sonicwall vpn issue that I was posting on earlier. .  skip that.. I meant to keep on the track of just setting up routes, nat and firewall rules.  
0
 
ITLighthouseAuthor Commented:
I think that article about routing SMTP traffic was the piece I needed.  I would just change the service to VOIP and make sure it encompasses all the ports involved.  I will give it a try and let you know how it goes.

Thanks for the suggestions!
0
 
digitapCommented:
you're welcome.  looking forward to the results!
0
 
digitapCommented:
routing specific traffic out a secondary WAN is straight forward.  my solutions here, http:#a34169328, and here, http:#a34169333, would be sufficient for configuring that.
0
 
ITLighthouseAuthor Commented:
As it turns out, the VOIP traffic wasn't even going through the Sonicwall to begin with, but is beingn split off somewhere else on the network.  But your solution is what I would have needed to configure.

Thanks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 5
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now