[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

tz105 udp packet dropped sip peer goes unreachable

Posted on 2014-08-06
3
Medium Priority
?
712 Views
Last Modified: 2014-08-08
We have a problem where some of our Polycom phones which connect through our TZ105 Sonicwall to a hosted PBX will go unreachable.

under VOIP Settings of the TZ105 we have:

Enable consistent NAT
Enable SIP Transformations

However when we look in the log of the FW it says "UDP Packet Dropped" destined for the very device which goes unreachable.  It only does this for one or two of our 17 phones and it seems to change which phone it is periodically.

We set an allow rule for the IP of the hosted PBX and this did not change the dropped packets.  For some reason it is dropping the keep alive packets for just a few phones.    I have not seen a pattern as to which phone it is.

The hosted PBX Is running FreePBX.  I have tried changing the NAT settings on the PBX between Yes, no, never and route without much noticeable difference in behavior.

For some reason one or two phones will not stay registered and therefore not receive calls.  They are able to make calls.

This is my first Sonicwall
0
Comment
Question by:YMartin
  • 2
3 Comments
 
LVL 15

Accepted Solution

by:
Phonebuff earned 2000 total points
ID: 40246597
Not much of a fan of Sonicwall --  But there s a great resource on the PBXinaFlash forum.  

http://pbxinaflash.com/community/index.php?threads/former-sonicwall-resource-by-hbonath.12549/#post-85206
0
 
LVL 1

Author Comment

by:YMartin
ID: 40246714
I have done some more research and it seems to be that the phone punches a hole UDP port in the firewall which the PBX uses to ping the phone on every minute.  However when the phone is in use and on a call it seems the hole closes causing the phone to become unreachable.  I need to keep that hole punch open longer or get the phone to send keep alives more frequently.
0
 
LVL 1

Author Comment

by:YMartin
ID: 40249476
Thanks Phonebuff.  That indeed was the solution.  He indicates where you can increase the UDP timeout.  The setting however has moved to "Firewall Settings", "Advanced", "UDP".
One other issue which came up was the firewall was preventing registrations after a call ended - very frustrating and almost had us pull the device but A firmware update fixed that anomaly.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question