SOLVED Firewall Settings Advice

Daniel

New Member
Joined
Sep 13, 2013
Messages
4
Reaction score
2
We are subletting a space and are sharing an internet connection with the other lessee and operating behind their firewall. Over the past few months I've worked with their sysadmin to get ports opened up and redirected to our pbx which is behind the firewall. We are using voip.ms. He says that the ports are all open and forwarded however only about 30% of inbound calls are connecting. I suspect that the calls connect if our server happens to be registering near the time of the call.

I've set up PIAF on an Ubuntu droplet on Digital Ocean to try to move the server out of the firewall and then connect endpoints through the firewall. The Yealink phone behind the firewall connects to the Digital Ocean server and can make and receive calls for the first few minutes but then no longer registers. Inbound calls go to voicemail and outbound calls appear as coming from anonymous and route as congestion. I've brought the phone home and it works great from my home network with no special firewall or forwarding rules.

I've lost confidence in the sysadmin's knowledge and he hasn't been willing to allow me to look at the firewall config myself (it is a 4 year old sonicwall). I'm wondering if setting up OpenVPN on the server and phones would help in this case? Any other suggestions?
 

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,170
Reaction score
5,199
Assuming UDP 5060 is being forwarded, I suspect the firewall is not handling management of UDP 10000-20000 correctly. Just ask the administrator to map all of those ports to your server's IP address.
 

atsak

Guru
Joined
Sep 7, 2009
Messages
2,381
Reaction score
436
Paging hbonath - what settings are needed on the Sonicwalls so they'll behave?
 
Joined
Nov 14, 2008
Messages
1,398
Reaction score
320
go to your inbox and start a conversation with hbonath there also. also search his posts
 

Daniel

New Member
Joined
Sep 13, 2013
Messages
4
Reaction score
2
Thanks for the quick replies. I forwarded the link from lgaetz to my sysadmin and he reviewed the settings. He said he had "Consistent NAT" disabled. With that change, all of my test calls are now connecting and endpoints are staying registered. Yipee!

Thanks lgaetz for the great link!
 

Members online

Forum statistics

Threads
25,782
Messages
167,512
Members
19,203
Latest member
frapu
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Top