Solved

Setup SonicWALL SIP with FortiCall VoIP

Posted on 2014-02-11
6
991 Views
Last Modified: 2014-05-14
Our FortiVoice FVC100 phone system sits behind a SonicWALL NSA240 for Internet connectivity.  We recently setup SIP trunks via their FortiCall VoIP service.  However, we are having trouble with some incoming calls not getting through.  After working though a ticket with FortiNet support they gave me the following:

Thank you for having provided these additional log details. We've had the chance to look through the log data from today, along with speaking with our colleagues at Forticall, and have to diagnose this issue as being a firewall setup problem.

What's happening is that at the time you report you get an error on inbound calls, the Forticall server is sending the call to the phone system. However, the phone system is not getting the message at all.

Your report that you're able to make an outbound call, then follow it up with an inbound call successfully is corroborated in the log that you'd sent, and is classically an issue of port forwarding. More specifically, that a pinhole is being used by the firewall to dynamically open a SIP port for communication, that's automatically closed back down after a certain amount of time (usually 5 minutes or so).

Please ensure that your port forwarding is configured on your firewall. Ensure that there is an outbound rule as well as an inbound rule for your SIP traffic. Finally, you could contact Sonicwall to have them ensure that your SIP traffic travels through your configured port forwarding, rather than traversing the firewall via pinhole.


I have port forwarding configured, and the "firewall test" from the FVC100 passes no problem.  Any ideas what else I should be doing?
0
Comment
Question by:slattdog
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39852397
How is port forwarding configured? Did you use the public server wizard?
0
 

Author Comment

by:slattdog
ID: 39853497
Yes.  I used the wizard.
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39854248
so in the services group that was created, what services & ports are configured? Sip requires a port range (like passive ftp) and if that's not setup correctly it could definately cause these issues
0
Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

 

Author Comment

by:slattdog
ID: 39854268
FortiVoice Services                              

       TFTP      UDP      69      69            

       FortiVoice HTTP      TCP      8484      8484            

       FortiVoice RTP      UDP      6100      6114

       FortiVoice SIP      UDP      15060      15060      


This is per the specs from FortiVoice.  Also, I have the same port forwarding setup on a basic Netgear router from Walmart (just for testing) and it works perfect if I plug the phone system into that instead of the SonicWALL.
0
 

Accepted Solution

by:
slattdog earned 0 total points
ID: 40054609
Somehow the FVC100 had the wrong DNS server.  Why is wasn't getting it from DHCP I don't know, but when I corrected it manually it started working fine.
0
 

Author Closing Comment

by:slattdog
ID: 40064001
This was the issue in this case.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are no good configuration guides for HP-H3C router to LYNC on the web. :( Big statement, but we havent been able to find one yet. We did find the following document useful, but the information was not enough to use H3C router for use as a L…
Hey there Heard about jingle, the add on for XMPP that enables point to point audio between two XMPP clients. No server config necessary. Actually quite a cool feature. However, how good is it if you can not use those voice capabilities to do a P…
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question