Solved

Setup SonicWALL SIP with FortiCall VoIP

Posted on 2014-02-11
6
984 Views
Last Modified: 2014-05-14
Our FortiVoice FVC100 phone system sits behind a SonicWALL NSA240 for Internet connectivity.  We recently setup SIP trunks via their FortiCall VoIP service.  However, we are having trouble with some incoming calls not getting through.  After working though a ticket with FortiNet support they gave me the following:

Thank you for having provided these additional log details. We've had the chance to look through the log data from today, along with speaking with our colleagues at Forticall, and have to diagnose this issue as being a firewall setup problem.

What's happening is that at the time you report you get an error on inbound calls, the Forticall server is sending the call to the phone system. However, the phone system is not getting the message at all.

Your report that you're able to make an outbound call, then follow it up with an inbound call successfully is corroborated in the log that you'd sent, and is classically an issue of port forwarding. More specifically, that a pinhole is being used by the firewall to dynamically open a SIP port for communication, that's automatically closed back down after a certain amount of time (usually 5 minutes or so).

Please ensure that your port forwarding is configured on your firewall. Ensure that there is an outbound rule as well as an inbound rule for your SIP traffic. Finally, you could contact Sonicwall to have them ensure that your SIP traffic travels through your configured port forwarding, rather than traversing the firewall via pinhole.


I have port forwarding configured, and the "firewall test" from the FVC100 passes no problem.  Any ideas what else I should be doing?
0
Comment
Question by:slattdog
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39852397
How is port forwarding configured? Did you use the public server wizard?
0
 

Author Comment

by:slattdog
ID: 39853497
Yes.  I used the wizard.
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39854248
so in the services group that was created, what services & ports are configured? Sip requires a port range (like passive ftp) and if that's not setup correctly it could definately cause these issues
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 

Author Comment

by:slattdog
ID: 39854268
FortiVoice Services                              

       TFTP      UDP      69      69            

       FortiVoice HTTP      TCP      8484      8484            

       FortiVoice RTP      UDP      6100      6114

       FortiVoice SIP      UDP      15060      15060      


This is per the specs from FortiVoice.  Also, I have the same port forwarding setup on a basic Netgear router from Walmart (just for testing) and it works perfect if I plug the phone system into that instead of the SonicWALL.
0
 

Accepted Solution

by:
slattdog earned 0 total points
ID: 40054609
Somehow the FVC100 had the wrong DNS server.  Why is wasn't getting it from DHCP I don't know, but when I corrected it manually it started working fine.
0
 

Author Closing Comment

by:slattdog
ID: 40064001
This was the issue in this case.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
Almost all Internet protocol telephones have built-in switches at the back that allow you to connect your personal computer to one port and use the other port to connect your phone to to a Cisco switch.   Why we need to connect the PC to the pho…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question