Solved

Setup SonicWALL SIP with FortiCall VoIP

Posted on 2014-02-11
6
974 Views
Last Modified: 2014-05-14
Our FortiVoice FVC100 phone system sits behind a SonicWALL NSA240 for Internet connectivity.  We recently setup SIP trunks via their FortiCall VoIP service.  However, we are having trouble with some incoming calls not getting through.  After working though a ticket with FortiNet support they gave me the following:

Thank you for having provided these additional log details. We've had the chance to look through the log data from today, along with speaking with our colleagues at Forticall, and have to diagnose this issue as being a firewall setup problem.

What's happening is that at the time you report you get an error on inbound calls, the Forticall server is sending the call to the phone system. However, the phone system is not getting the message at all.

Your report that you're able to make an outbound call, then follow it up with an inbound call successfully is corroborated in the log that you'd sent, and is classically an issue of port forwarding. More specifically, that a pinhole is being used by the firewall to dynamically open a SIP port for communication, that's automatically closed back down after a certain amount of time (usually 5 minutes or so).

Please ensure that your port forwarding is configured on your firewall. Ensure that there is an outbound rule as well as an inbound rule for your SIP traffic. Finally, you could contact Sonicwall to have them ensure that your SIP traffic travels through your configured port forwarding, rather than traversing the firewall via pinhole.


I have port forwarding configured, and the "firewall test" from the FVC100 passes no problem.  Any ideas what else I should be doing?
0
Comment
Question by:slattdog
  • 4
  • 2
6 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39852397
How is port forwarding configured? Did you use the public server wizard?
0
 

Author Comment

by:slattdog
ID: 39853497
Yes.  I used the wizard.
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39854248
so in the services group that was created, what services & ports are configured? Sip requires a port range (like passive ftp) and if that's not setup correctly it could definately cause these issues
0
Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

 

Author Comment

by:slattdog
ID: 39854268
FortiVoice Services                              

       TFTP      UDP      69      69            

       FortiVoice HTTP      TCP      8484      8484            

       FortiVoice RTP      UDP      6100      6114

       FortiVoice SIP      UDP      15060      15060      


This is per the specs from FortiVoice.  Also, I have the same port forwarding setup on a basic Netgear router from Walmart (just for testing) and it works perfect if I plug the phone system into that instead of the SonicWALL.
0
 

Accepted Solution

by:
slattdog earned 0 total points
ID: 40054609
Somehow the FVC100 had the wrong DNS server.  Why is wasn't getting it from DHCP I don't know, but when I corrected it manually it started working fine.
0
 

Author Closing Comment

by:slattdog
ID: 40064001
This was the issue in this case.
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Opening Ports 18 104
Fortigate 100D NTP Issue 4 141
Shoretel Edge Gateway 5 92
Swapping port on a  Cisco 5510 firewall 1 44
Although VoiceOver IP has been around for a while, internet connections have only recently become fast enough to provide good call quality. Now, VoIP has become a real option for businesses looking at ways to improve their business model. In this ar…
As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question