Direct SBC connections not via a Sonicwall Firewall

Eric
Eric used Ask the Experts™
on
Hi All

I have a Session Border Controller attached, at the moment, to a Sonicwall Firewall; is it safe, or sensible to take out the connections from the Sonicwall and have the SBC connected directly to the ISP?  I am difficulties getting the Sonicwall to pass SIP to the SBC.


Thanks in advance
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Possibly depending on the security capabilities of your SBC. The other thing to check on the Sonicwall is SIP-ALG and/or SIP inspection settings and toggle those to see if that allows it.
EricIT Systems and Asset Manager

Author

Commented:
Hi Buckethead

The SBC is a Sangoma SBCT-CAR-250, Sangoma support is difficult to navigate :-(
J SpoorTME / Network Security Evangelist

Commented:
Most of these 3rd party IP enabled devices do not run a hardened OS and would be possibly exploitable.

so no, not recommended. also see buckethead's comment about enabling the SIP ALG
Angular Fundamentals

Learn the fundamentals of Angular 2, a JavaScript framework for developing dynamic single page applications.

EricIT Systems and Asset Manager

Author

Commented:
Hi All,
I change the setting, the result was I was able to call in using MicroSIP but not with a Mobile or Landline, any ideas?

Thanks

Commented:
can you make a drawing of your setup. and the settings on acl, nat and sip of the firewall.
EricIT Systems and Asset Manager

Author

Commented:
Hi Benjamin

I will put the diagram up shortly , a little tied up at the moment being a virus hunter - if only I could rid of users :-)

Thanks

E.
When you say you were able to call in using MicroSIP, what are you using for Call Control? Does the SBC have that type of functionality or is it another server? I'm just trying to figure out what actually set up the call. It may not have traversed the SBC at all. Do you have public numbers coming in on a SIP trunk terminated to the SBC or did the provider of the SIP trunk provide you with test numbers?
EricIT Systems and Asset Manager

Author

Commented:
@Buckethead  - I am not sure what you mean by call control, the calls come on IP (from Voxbone and others) via the Sonicwall into the Sangoma SBC and from there either into an IVR server with user prompts or it goes to our internal TDM switch via the PRI card in the SBC.
I am quite new into SIP configuration so it is a steep learning curve.


Regards

E.
IT Systems and Asset Manager
Commented:
Hi All
I have found out that I can use Sangoma SBC as a primary point of access as it is hardened and has many features to protect my network, however I need it to work through my Sonicwall NSA firewall as I only have 1 ISP connection.  It seems Sonicwalls are known to be problematic with SBCs - so I work on it and add a different post if I get stuck.

Many thanks for your comments and suggestions

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial