• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1075
  • Last Modified:

Setup SonicWALL SIP with FortiCall VoIP

Our FortiVoice FVC100 phone system sits behind a SonicWALL NSA240 for Internet connectivity.  We recently setup SIP trunks via their FortiCall VoIP service.  However, we are having trouble with some incoming calls not getting through.  After working though a ticket with FortiNet support they gave me the following:

Thank you for having provided these additional log details. We've had the chance to look through the log data from today, along with speaking with our colleagues at Forticall, and have to diagnose this issue as being a firewall setup problem.

What's happening is that at the time you report you get an error on inbound calls, the Forticall server is sending the call to the phone system. However, the phone system is not getting the message at all.

Your report that you're able to make an outbound call, then follow it up with an inbound call successfully is corroborated in the log that you'd sent, and is classically an issue of port forwarding. More specifically, that a pinhole is being used by the firewall to dynamically open a SIP port for communication, that's automatically closed back down after a certain amount of time (usually 5 minutes or so).

Please ensure that your port forwarding is configured on your firewall. Ensure that there is an outbound rule as well as an inbound rule for your SIP traffic. Finally, you could contact Sonicwall to have them ensure that your SIP traffic travels through your configured port forwarding, rather than traversing the firewall via pinhole.


I have port forwarding configured, and the "firewall test" from the FVC100 passes no problem.  Any ideas what else I should be doing?
0
slattdog
Asked:
slattdog
  • 4
  • 2
1 Solution
 
Aaron TomoskyTechnology ConsultantCommented:
How is port forwarding configured? Did you use the public server wizard?
0
 
slattdogAuthor Commented:
Yes.  I used the wizard.
0
 
Aaron TomoskyTechnology ConsultantCommented:
so in the services group that was created, what services & ports are configured? Sip requires a port range (like passive ftp) and if that's not setup correctly it could definately cause these issues
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
slattdogAuthor Commented:
FortiVoice Services                              

       TFTP      UDP      69      69            

       FortiVoice HTTP      TCP      8484      8484            

       FortiVoice RTP      UDP      6100      6114

       FortiVoice SIP      UDP      15060      15060      


This is per the specs from FortiVoice.  Also, I have the same port forwarding setup on a basic Netgear router from Walmart (just for testing) and it works perfect if I plug the phone system into that instead of the SonicWALL.
0
 
slattdogAuthor Commented:
Somehow the FVC100 had the wrong DNS server.  Why is wasn't getting it from DHCP I don't know, but when I corrected it manually it started working fine.
0
 
slattdogAuthor Commented:
This was the issue in this case.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now