Follow

Sonicwall Firewall - SIP Transformations

Revised Dec 2017

Firewall Settings=> Flood Protection => Scroll down to "UDP":
Increase UDP timeout to 120

*if this does not resolve port timeout issues, may need to also modify the Global UDP Connection Timeout: Advanced tab = Firewall => Access Rules => LAN/WAN and increase UDP to 30 to override any inherited UDP timeout rules 

VOIP => Settings:
o Turn on Consistent NAT.
o The SIP Transformations sections should be DISABLED (unchecked).

Note: OnSIP actually uses the packet header IN CONJUNCTION with the internal IP address inside the SIP packet to determine optimal settings, so we need both.

In address objects, create objects for the following Public IP blocks- 199.7.172.0, 199.7.173.0, 199.7.174.0,199.7.175.0, then create a group and include all 4 address objects.

Then create an access rule for WAN to LAN, ANY service ALL addresses, using the address object group created and put first in the order.

Packet Size:  Confirm that the UDP packet size it at least 1500.  If not increase it to at least 1500.

Older versions of SONIC firmware-

Additional step:
Firewall => Access Rules:
Add an 'Access Rule' for any traffic from WAN Network 199.7.172.0 Netmask 255.255.255.0 to the LAN. (not-shown)
Add an 'Access Rule' for any traffic from WAN Network 199.7.173.0 Netmask 255.255.255.0 to the LAN. (not-shown)
Add an 'Access Rule' for any traffic from WAN Network 199.7.174.0 Netmask 255.255.255.0 to the LAN. (not-shown)
Add an 'Access Rule' for any traffic from WAN Network 199.7.175.0 Netmask 255.255.255.0 to the LAN. (not-shown)

**CIDR Address**
199.7.172.0/22

UDP port timeout location in newer models/firmware (image date = June 2014)

 

Download the 2017 Business Phone Guide

Was this article helpful?
0 out of 0 found this helpful

Comments