tz105 udp packet dropped sip peer goes unreachable

We have a problem where some of our Polycom phones which connect through our TZ105 Sonicwall to a hosted PBX will go unreachable.

under VOIP Settings of the TZ105 we have:

Enable consistent NAT
Enable SIP Transformations

However when we look in the log of the FW it says "UDP Packet Dropped" destined for the very device which goes unreachable.  It only does this for one or two of our 17 phones and it seems to change which phone it is periodically.

We set an allow rule for the IP of the hosted PBX and this did not change the dropped packets.  For some reason it is dropping the keep alive packets for just a few phones.    I have not seen a pattern as to which phone it is.

The hosted PBX Is running FreePBX.  I have tried changing the NAT settings on the PBX between Yes, no, never and route without much noticeable difference in behavior.

For some reason one or two phones will not stay registered and therefore not receive calls.  They are able to make calls.

This is my first Sonicwall
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Not much of a fan of Sonicwall --  But there s a great resource on the PBXinaFlash forum.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
YMartinAuthor Commented:
I have done some more research and it seems to be that the phone punches a hole UDP port in the firewall which the PBX uses to ping the phone on every minute.  However when the phone is in use and on a call it seems the hole closes causing the phone to become unreachable.  I need to keep that hole punch open longer or get the phone to send keep alives more frequently.
YMartinAuthor Commented:
Thanks Phonebuff.  That indeed was the solution.  He indicates where you can increase the UDP timeout.  The setting however has moved to "Firewall Settings", "Advanced", "UDP".
One other issue which came up was the firewall was preventing registrations after a call ended - very frustrating and almost had us pull the device but A firmware update fixed that anomaly.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.