Put in Put in 3389 -> 3389 for the Local Ports. Put in the IP of the computer you want the first rule to forward RDP traffic to. Put in 3389 -> 3389 for the Internet Ports. Click 'Add' underneath Port Forward Rules. Hope this helps someone - Sonicwalls are nice and tight on security - but they can be a little non-obvious at times. Navigate to Security>Zone Firewall> Port Forward and Proxy. Without this last rule, we were having phones drop off constantly - although it was MUCH worse with Grandstream phones than any of the Polycom, Sangoma, or Yealink phones - I guess the Grandstreams are just more sensitive. However, we found out this morning a different scenario - A PBX Hosted in a CoLo behind a Sonicwall with ALL the phones remote to the PBX behind another Sonicwall - Same Rule Set as above, but after the wizard runs, you will need to create a 4th NAT Policy and it needs to look like this: This works fine for phones on the same LAN as the PBX and also for remote phones connecting to the office from offsite. That “Disable Source Port Remap” can be a killer if you are registering to Broadsoft servers - you will find that some (but not all) of your outbound calls fail - turn it on in 2 of the three rules - the third rule created by the wizard won’t let you turn it on. Three NAT policies will be created when implement this using the “Public Server Wizard” - Two of them need the following option set: Under VoIP, enable “Consistent NAT” and disable everything else - Asterisk takes care of it! Set the UDP Timeout on your LAN->WAN Firewall Rule to 300 seconds - the default is 30, but that is too low. Check the hit counters next to your NAT policy and Access Rule to verify that they are incrementing when you hit the services from your hotspot. If you want tighter security, find out your ITSP’s address range and restrict the incoming to that source. If you want tighter security, find out your ITSP’s address range and restrict the incoming to that source.Ī Port Forwarding rule of 10000-19999-UDP for the incoming RTP - sometimes you can get away without this rule - depends on the ITSP - Put it in anyway. If you are using a non-standard port, change the rule accordingly. Ok - Wasted quite a bit of time this morning with a new configuration we were trying out and I thought I would post it here so that no one else has to waste the same amount of time that I did this morning.įor a standard setup with a FreePBX/Asterisk PBX onsite, you will need the following on the Sonicwall:Ī Port Forwarding rule of 5060-UDP for the Incoming SIP Trunk - Sonicwalls are very AGGRESSIVE about closing that port, so if you use a SIP trunk and you don’t forward the traffic, you will have problems with inbound calls - outbound will work fine, but skip the drama and put the rule in.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |