Cisco SP504G phone w/Vonage behind Sonicwall
Hi all,
Have a customer that has purchased Vonage for a few staff members, and I am trying to get the Cisco SP504G phones working on the Sonicwall-protected LAN. The phones will provision but then go to straight amber lights (fail to register / communicate).
Found this -http://support.vonagebusiness.com/app/answers/detail/a_id/1017/~/sonicwall-firewall-configuration
Did as described within, it made no difference.
Have tried everything that I can think of.
- Tested a phone in the DMZ, no go
- Port forwarded 5061:5013 UDP, 10000:20000 UDP to a phone, nadda
- Temporarioy enabled Allow All / Any from Any inbound & outbound
Nothing seems to work, but the phone seem to operate OK out side the LAN (on other external networks, offsite).
Anyone seen this before?
Have a customer that has purchased Vonage for a few staff members, and I am trying to get the Cisco SP504G phones working on the Sonicwall-protected LAN. The phones will provision but then go to straight amber lights (fail to register / communicate).
Found this -http://support.vonagebusiness.com/app/answers/detail/a_id/1017/~/sonicwall-firewall-configuration
Did as described within, it made no difference.
Have tried everything that I can think of.
- Tested a phone in the DMZ, no go
- Port forwarded 5061:5013 UDP, 10000:20000 UDP to a phone, nadda
- Temporarioy enabled Allow All / Any from Any inbound & outbound
Nothing seems to work, but the phone seem to operate OK out side the LAN (on other external networks, offsite).
Anyone seen this before?
ASKER
Schaps - thanks for the reply.
When I say "no go", it means the 4 lights at the top of the phone are all amber in color. The extensions just show "not registered" in the status. This is the case for the DMZ as well.
I got on the the Business Support line with Vonage, and all they could tell me was that there is a firewall issue (or blocking of some kind).
As mentioned, the automated provisioning (after a factory reset) does "partially work". It fills in the information - visible through device web interface. So the bits like Display Name, User ID and Password are automatically filled in. But then the amber lights glow, no registration.
Yes. A laptop and other devices access the internet (and are accessible from the outside) from inside the same DMZ.
Screen-Shot-2015-12-01-at-9.42.31-PM.png
When I say "no go", it means the 4 lights at the top of the phone are all amber in color. The extensions just show "not registered" in the status. This is the case for the DMZ as well.
I got on the the Business Support line with Vonage, and all they could tell me was that there is a firewall issue (or blocking of some kind).
As mentioned, the automated provisioning (after a factory reset) does "partially work". It fills in the information - visible through device web interface. So the bits like Display Name, User ID and Password are automatically filled in. But then the amber lights glow, no registration.
Yes. A laptop and other devices access the internet (and are accessible from the outside) from inside the same DMZ.
Screen-Shot-2015-12-01-at-9.42.31-PM.png
Do your phones and test computer in DMZ get LAN IP's from the Sonicwall or WAN IP's from your ISP?
Does your ISP equipment have more than one port you could plug a phone into to test? If not, it's possible the block is coming from the ISP, not the Sonicwall.
If that is of no use, please give more specs on Sonicwall model, ISP and ISP's modem/gateway model.
Does your ISP equipment have more than one port you could plug a phone into to test? If not, it's possible the block is coming from the ISP, not the Sonicwall.
If that is of no use, please give more specs on Sonicwall model, ISP and ISP's modem/gateway model.
ASKER
The ISP has provided a static IP, and this is configured on the WAN side of the Sonicwall. The DMZ is on its own subnet and get an internal IP from the DHCP server running on its interface.
There is only one data port available on the ISP equipment (Adtran), but my understanding is that an additional 5 public IPs are available. I am going to add a small network switch between that port and the firewall. I will then try a crappy retail router with one of the other public IPs and plug in the phone.
But - if this works - not sure what to do next.
There is only one data port available on the ISP equipment (Adtran), but my understanding is that an additional 5 public IPs are available. I am going to add a small network switch between that port and the firewall. I will then try a crappy retail router with one of the other public IPs and plug in the phone.
But - if this works - not sure what to do next.
If the public IP's are available, most Sonicwall equipment have a "transparent mode" which apparently works better with VoIP equipment:
http://kb.guru-corner.com/question.php?ID=297
Not sure how many phones you need set up, though. If you can take down the LAN for a short period, might be worth manually configuring the phone to the WAN Static IP and giving it a go. That would leave the Sonicwall settings unchanged for quick return to normalcy when the experiment completes.
http://kb.guru-corner.com/question.php?ID=297
Not sure how many phones you need set up, though. If you can take down the LAN for a short period, might be worth manually configuring the phone to the WAN Static IP and giving it a go. That would leave the Sonicwall settings unchanged for quick return to normalcy when the experiment completes.
ASKER
YES. Transparent Mode looks *very* promising. I did not know it existed. Thank you for directing me to that. If that works, you have definitely solved this issue.
They have 8 phones, but I have only been testing with one thus far. I have setup all the port-forwards to go directly to the internal IP address of this single phone - just to try and get something working.
Plugged one of the devices into my home network running Google Fiber - lights green and all is good. How I wish I could see this at the clients office.....
They have 8 phones, but I have only been testing with one thus far. I have setup all the port-forwards to go directly to the internal IP address of this single phone - just to try and get something working.
Plugged one of the devices into my home network running Google Fiber - lights green and all is good. How I wish I could see this at the clients office.....
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Also, are you factory-resetting the phone and engaging automatic provisioning, and then entering the phone's IP address into the automated provisioning interface (http://support.vonagebusiness.com/app/answers/detail/a_id/21398/~/cisco-spa-series-ip-phones)?