asked on

Debug and/or test for which ports are open or blocked on a Sonicwall TZ105 in a site-to-site VPN

I have two Sonicwall TZ-105 with a site to site VPN between the two, however I'm having issues with the VOIP phone system. This happens for both sites: the phone rings and shows extension, but nothing is heard on either end. The tech with the VOIP system says ports are blocked. I don't believe they are between the site-to-site VPN. Is there away to debugging and/or test for ports that are open or blocked on this site-to-site VPN?

Thanks,
Jim

gheist

Enable log of all rejected/dropped packets on firewall, then check of drops where communication is disrupted.

Phonebuff

Voice would be RTP protocol which is a UDP transport on ports 10000 - 20000. An if your SIP (5060 & 5061) is working, and it is if you see caller ID and the handset rings then RTP is mostly likely blocked.

There are a number of port scanners available have a look around with google. But NMAP but be one if the better / easier to use - http://searchsecurity.techtarget.com/tip/Nmap-How-to-scan-ports-and-services

masnrock

You need to clarify: Is the issue just with incoming calls on extensions from the opposite office, or is this a problem with incoming calls in general, including from the outside to the location with the PBX? If it is a problem with incoming calls overall, then you need to check the WAN > LAN access rules and open up a sufficient range of ports like Phonebuff has mentioned.

Also, I am assuming that the second location has a separate subnet, and does not use DHCP over VPN. Please confirm whether this is the case.

ASKER CERTIFIED SOLUTION

youritstaff

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

youritstaff

ASKER

The tech had made changes on the VOIP server, but never rebooted it after making said changes.