Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations
Can't transfer FreePBX calls over VPN from Polycom phone using Fortinet firewalls.
Hi,
We recently replaced our Cisco firewalls with Fortinet firewalls. The firewall at the site having the problem is a FortiGate 30D. The firewall at our main site is a FortiGate 70D. They are connected via Site to Site VPN. All traffic is allowed to pass between sites. We have a FreePBX Asterisk system at our main site (behind the 70D) and the phones there work just fine. However, we have a remote Polycom VVX410 at the site with the 30D which connects through the VPN to our FreePBX system. When that phone picks up an incoming call and tries to transfer it, the call gets stuck in a perpetual hold and it can no longer be accessed. That phone can also no longer see the BLF lights when other users are on the phone. These all worked prior to putting in the FortiGate.
I have disabled SIP-helper, sip-nat-trace and RTP on the FortiGate and reboot with no change. What can be done to get this phone working properly again?
Thank you
We recently replaced our Cisco firewalls with Fortinet firewalls. The firewall at the site having the problem is a FortiGate 30D. The firewall at our main site is a FortiGate 70D. They are connected via Site to Site VPN. All traffic is allowed to pass between sites. We have a FreePBX Asterisk system at our main site (behind the 70D) and the phones there work just fine. However, we have a remote Polycom VVX410 at the site with the 30D which connects through the VPN to our FreePBX system. When that phone picks up an incoming call and tries to transfer it, the call gets stuck in a perpetual hold and it can no longer be accessed. That phone can also no longer see the BLF lights when other users are on the phone. These all worked prior to putting in the FortiGate.
I have disabled SIP-helper, sip-nat-trace and RTP on the FortiGate and reboot with no change. What can be done to get this phone working properly again?
Thank you
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
LVL 20
Does it happen when the remote user first presses the TRansfer key, or once it completes and presses transfer the second time?
I'll have to double check on that. I know that the BLF lights on the phone are also greyed out and do not work.
As for transferring, when he pushes the transfer button and dials an extension, he gets a message that states "transfer failed." And then the call is still listed on his phone, but he cannot pull it back. The phone rings at the person's desk where the call was transferred, but all they hear is hold music when they pick up the call (or silence). Then the call is lost in a black hole until they hang up.
Its a complicated behavior mostly due to the vendor specific way of handling the transfer, to which I am not very related with.
I guess if you can debug the asterisk (core set verbose 9 / core set debug 9 / sip set debug on) plus collect a sniffer trace from the IP Phone, I might be able to help you decode what is happening at both ends. You may want to inveestigate if the Polycom device has logging of its own to help clarify.
I guess if you can debug the asterisk (core set verbose 9 / core set debug 9 / sip set debug on) plus collect a sniffer trace from the IP Phone, I might be able to help you decode what is happening at both ends. You may want to inveestigate if the Polycom device has logging of its own to help clarify.
To me it sounds as if some SIP signal is getting dropped somewhere, taking into account the new firewalls, and that is causing the phone to hang.
It looks like this has been resolved. I used the following in the FortiNet CLI:
config system settings
set sip-helper disable
set sip-nat-trace disable
end
config system session-helper
show
(Locate the SIP entry number)
delete # (where # is the SIP entry number)
config voip profile
edit default
config sip
set rtp disable
end
(reboot the device)
After the device restarted, we restarted the phone and everything worked.
Thank you
config system settings
set sip-helper disable
set sip-nat-trace disable
end
config system session-helper
show
(Locate the SIP entry number)
delete # (where # is the SIP entry number)
config voip profile
edit default
config sip
set rtp disable
end
(reboot the device)
After the device restarted, we restarted the phone and everything worked.
Thank you
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trialIt's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
IP Telephony
From novice to tech pro — start learning today.
-
Microsoft ApplicationsCertification: MOS Microsoft Office Specialist - Outlook 2013 Par… 191 lessons
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with premium.
Start your 7-day free trial.