Link to home
Start Free TrialLog in
Avatar of OAC Technology
OAC TechnologyFlag for United States of America

asked on

Can't transfer FreePBX calls over VPN from Polycom phone using Fortinet firewalls.


We recently replaced our Cisco firewalls with Fortinet firewalls. The firewall at the site having the problem is a FortiGate 30D. The firewall at our main site is a FortiGate 70D. They are connected via Site to Site VPN. All traffic is allowed to pass between sites. We have a FreePBX Asterisk system at our main site (behind the 70D) and the phones there work just fine. However, we have a remote Polycom VVX410 at the site with the 30D which connects through the VPN to our FreePBX system. When that phone picks up an incoming call and tries to transfer it, the call gets stuck in a perpetual hold and it can no longer be accessed. That phone can also no longer see the BLF lights when other users are on the phone. These all worked prior to putting in the FortiGate.

I have disabled SIP-helper, sip-nat-trace and RTP on the FortiGate and reboot with no change. What can be done to get this phone working properly again?

Thank you
Avatar of José Méndez
José Méndez

Does it happen when the remote user first presses the TRansfer key, or once it completes and presses transfer the second time?
Avatar of OAC Technology


I'll have to double check on that. I know that the BLF lights on the phone are also greyed out and do not work.
As for transferring, when he pushes the transfer button and dials an extension, he gets a message that states "transfer failed." And then the call is still listed on his phone, but he cannot pull it back. The phone rings at the person's desk where the call was transferred, but all they hear is hold music when they pick up the call (or silence). Then the call is lost in a black hole until they hang up.
Its a complicated behavior mostly due to the vendor specific way of handling the transfer, to which I am not very related with.

I guess if you can debug the asterisk (core set verbose 9 / core set debug 9 / sip set debug on) plus collect a sniffer trace from the IP Phone, I might be able to help you decode what is happening at both ends. You may want to inveestigate if the Polycom device has logging of its own to help clarify.
To me it sounds as if some SIP signal is getting dropped somewhere, taking into account the new firewalls, and that is causing the phone to hang.
Avatar of OAC Technology
OAC Technology
Flag of United States of America image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Found solution