Discussions

Sonic Wall & VOIP Integration

Tags:
+
0 Votes
Locked

Sonic Wall & VOIP Integration

jscogin
Hey guys,

I am not an expert on VOIP, but I wanted to raise a question, about best practices of VOIP and Data convergance.

Right now I am working with a VOIP provider driven off of AVAYA phone systems, and Kentronix routers to link the sites together (either by VPN or MPLS, not sure yet which one we are going with yet).

The issue comes with the underlying network we are integarting VOIP into. Basically our lan users at each od our 9 sites have their traffic passing through a sonicwall router, filtering web content, and deep packet scanning for network intrusion.

Now to make things more complicated we have 8 branch sites connected to our main sonic firewall through a site to site VPN.

I am wondering how integrating this new VOIP system with KENTRONIX routers will effect what is going on here.

What is best practice?

Should we have all voice and data traffic passing through bothe routers? example: traffic --> ketronix -->sonicwall--> switches -- > phone and PCs?

Or keep them seperate? on seperate routers, switches? or even take it a step further, and have them on seperate ISP all together.

What do you guys do? How is it setup at your site? Do you use sonicwall or similar services?

Thanks guys, lets start brain storming.
  • +
    0 Votes
    BBPellet

    We just did what you are planning...and had nothing but problems, mainly that SonicWall does not support PATs, which you will need to accomlish what you want. We ended up dumping sonicwall and getting a juniper firewalls instead.

    +
    0 Votes
    jscogin

    According to sonic walls website, they do support PAT. Can you please be more specific about what features/processes/plans are hindered by the Sonicwall?

    Also, Juniper sounds great, but do they supply the all in one type of packages Sonicwall does (e.g. Total Secure?

    Interesting...

    +
    0 Votes
    BBPellet

    I know that, but it doesn't really support it. When I called their support about not getting it to work, they stated that none of their product support PATs only 1:1 NAT. I reiterated that their site says it does, the support person told me that the site is old and they dropped support PATs as their customer base rarely requested the feature. They really don't know what they support!! So I went to juniper.

    +
    0 Votes
    davidgh2005

    Juniper has two sucury security gateways. The SSG5 and SSG20 that do it all that you need.

    +
    0 Votes
    tom.phan

    The main kentrox is located onsite at the main office on a separate internet connection. The routers themselves have vpn tunnels that can be created for site to site.

  • +
    0 Votes
    BBPellet

    We just did what you are planning...and had nothing but problems, mainly that SonicWall does not support PATs, which you will need to accomlish what you want. We ended up dumping sonicwall and getting a juniper firewalls instead.

    +
    0 Votes
    jscogin

    According to sonic walls website, they do support PAT. Can you please be more specific about what features/processes/plans are hindered by the Sonicwall?

    Also, Juniper sounds great, but do they supply the all in one type of packages Sonicwall does (e.g. Total Secure?

    Interesting...

    +
    0 Votes
    BBPellet

    I know that, but it doesn't really support it. When I called their support about not getting it to work, they stated that none of their product support PATs only 1:1 NAT. I reiterated that their site says it does, the support person told me that the site is old and they dropped support PATs as their customer base rarely requested the feature. They really don't know what they support!! So I went to juniper.

    +
    0 Votes
    davidgh2005

    Juniper has two sucury security gateways. The SSG5 and SSG20 that do it all that you need.

    +
    0 Votes
    tom.phan

    The main kentrox is located onsite at the main office on a separate internet connection. The routers themselves have vpn tunnels that can be created for site to site.