Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Configuring sonicwall TZ215 ports for VOIP phone system

Posted on 2016-08-17
7
Medium Priority
?
93 Views
Last Modified: 2016-09-12
Hello, I am trying to configure some ports in a sonicwall TZ-215. I've created services and service groups for some of the ports, although they are not open according to a port scan. I'm sure I am missing something.  I have little knowledge of sonicwalls, so this is something new for me. I need to create some ports and port ranges in TCP, UDP, and RTP for audio. Any advice or info would be great. Once I can get at least one port open, I should be able to handle the rest.
0
Comment
Question by:Jeff Goldbort
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 9

Expert Comment

by:J Spoor
ID: 41759886
Opening up ports in a SonicWALL from the outside means
1) create a NAT policy
2) create a Firewall rule

for #2 create the firewall rule on the original packet, not the natted one

e.g.
NAT
src=any, translated (t) src = original
dst = X1 IP (or other public IP), t dst = private IP address server / pbx
srvc = service group with the appropriate VoIP protocols, t srvc = original

the FW rule from WAN to LAN would look like
src = any, dst = public IP, srvc = service group

View example configurations and the SonicWALL webui and features on http://livedemo.sonicwall.com or http://ngfw-demo.com
0
 

Author Comment

by:Jeff Goldbort
ID: 41759956
I've attached the config i made so far, i have a bunch of ports to add but I'm just trying to get the first one going first. as of now it's not working. 192.168.1.50 is the VoIP server IP. trying to get TCP port 4400 open for starters. Thanks for you input.
createdaddressobject.jpg
firewall-rule.jpg
natpolicy.jpg
serviceobject.jpg
0
 
LVL 9

Accepted Solution

by:
J Spoor earned 1500 total points
ID: 41759973
1) the object has a private IP address, so it should be zone LAN not WAN?
2) in the NAT policy, destination should be the PUBLIC IP address you want to use, and Translated Destination the PRIVATE IP address
3) for the firewall rule leave SOURCE port to ANY, and set DESTINATION to the PUBLIC IP used in #2

example, using X1 IP
say X1 = 2.2.2.2
say X0 = 192.168.1.1
say PBX = 192.168.1.2

NAT policy
src = ANY, transl src = ORIGINAL
dst = 2.2.2.2, transl dst = 192.168.1.2
srvs = TCP 4400, transl srvc = ORIGINAL

Firewall rule
from zone WAN
to zone LAN
src = ANY
dst = 2.2.2.2
src port = ANY
service = TCP 4400
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 26

Expert Comment

by:Blue Street Tech
ID: 41764870
Hi Jeff,

The best way to open ports is to use the Wizard located in the top right corner then select Public Servers. This will provide the most complete and comprehensive way to open ports properly. From there you can fine tune it, for example, substituting Service & Access Groups instead of single Address & Service Objects or filtering Sources in Access Rules.

I'd delete the Access Rules and NAT Policies you have setup. They are incorrect. For example, unless you have enabled Outbound Filtering, there is no need to create any LAN>WAN Access Rules because everything is allowed by default.

Let me know how it goes and if you have any other questions!
0
 

Author Comment

by:Jeff Goldbort
ID: 41765321
Thank you. I will look into that. I'll update this question at that time when I get back to working on this issue.
0
 
LVL 9

Expert Comment

by:J Spoor
ID: 41784858
Did it work?
0
 

Author Comment

by:Jeff Goldbort
ID: 41794984
Closing this, as I am no longer working on this issue. Change of work venue for me. Thank you.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
Hey there Heard about jingle, the add on for XMPP that enables point to point audio between two XMPP clients. No server config necessary. Actually quite a cool feature. However, how good is it if you can not use those voice capabilities to do a P…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Suggested Courses

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question