Questions

Placing a Cisco UC560 behind a SonicWall TZ210 Firewall

+
0 Votes
Locked

Placing a Cisco UC560 behind a SonicWall TZ210 Firewall

jeff.friend
All,



I am currently in the process of switching between one phone system(Allworx 6x) to another(Cisco UC560). My current setup places my phone system behind my TZ210. For simplicity's sake I would like to place my UC560 behind the TZ210 also.(if the phone system is not placed behind the firewall it causes ALOT of additional problems for me since my entire infrastructure would need to change) The problem is that when the UC560 is set in place I am able to place calls but the call will have no audio and I am unable to recieve calls. Here is what I have done thus far:



1. Placed the UC560 in the same location as the Allworx(connected to the same ports etc.)
2. Configured the WAN IP address of the UC560 to be the internal IP address that the Allworx is currently using
3. forwarded all ports to the UC560 that the phones may need





Some additional information

1. I'm using a SIP trunk provided by Bandwidth.com
2. my ISP is Comcast
3. I am able to access the internet from the UC560
4. I am not dropping any packets at the TZ210
5. the ports/services that I am forwarding are(I wasn't sure what ports the UC560 may need so I forwarded all that I could think that would pertain)

o UDP
+ 1024-1233
+ 15000-15511
+ 1235-1722
+ 16384-16393
+ 5060
+ 69
+ 2088
o TCP
+ 1024-1233
+ 15000-15511
+ 1235-1722
+ 16384-16394
+ 5060
+ 69
+ 2088
o Services
+ SIP
+ H323 Call Signaling
+ H323 Gatekeeper Discovery
+ H323 Gatekeeper RAS



Does anyone know what I could be missing? Is there anything I can do to start to troubleshoot?







Thanks,



-Jeff
+
0 Votes
NetMan1958
Collapse -

post from Bandwidth.com:
http://forum.bandwidth.com/showthread.php?tid=41

Does your config look something like that?

+
0 Votes
jeff.friend
Collapse -

The config is good. I have tested the phone system by placing it on the border.(replacing the TZ210 with it) When it is used as a border router everything works as it should. It is only when placed behind another router that I have the following problems:

1. Can place calls(distant end phone rings) but there is no audio.

2. Can't receive calls.


I hope this helps. Thanks for the quick reply guys.

-Jeff

+
0 Votes
NetMan1958
Collapse -

it's an issue with TZ210. Are you running the standard or enhanced OS on that TZ210?

+
0 Votes
CG IT
Collapse -

along with UDP range 1000 to 3000.

you can narrow that down, if it works, to 5000 to 5100 and 1000 to 2000.

+
0 Votes
jeff.friend
Collapse -

I will try that tomorrow and let you know.

Thanks guys again for the quick replies.

-Jeff

+
0 Votes
jeff.friend
Collapse -

I tried opening up the ports you listed and sending them directing them towards the UC560 but I receive the same result.

+
0 Votes
CG IT
Collapse -

for SIP and H323.

where SIP is 5000 to 5500 [5060]
where H323 is 1000 to 3000 [1719/1720]

but H323 protocol for packet voice also uses other protocols such as H.245 .

Netman got the manual for your Sonicwall, and I'd look at his suggestions.

is it that you get no voice or nothing at all eg no connection?

are you using g711ulaw on the T1 leg ?

I'm assuming that you have VoIP T1 [24 channel] with failover to POTS and I'm assuming you dial peer uses dtmf-relay h.245- alphanumeric, with g711ulaw codec.

+
0 Votes
jeff.friend
Collapse -

Currently I am using the SonicOS Enhanced 5.6.2.0-2o OS.

+
0 Votes
NetMan1958
Collapse -

If you haven't already done so, take a look at this document:

http://www.sonicwall.com/downloads/SonicOS_Enhanced_5.6_Administrators_Guide.pdf

starting on page 614 and compare your settings to those shown. Also consider running the "Public Server Wizard" as shown beginning on page 621.

+
0 Votes
jeff.friend
Collapse -

I have tried setting up the phone system by utilizing the wizard and doing it manually. We decided to purchase SonicWall Support so hopefully they will be able to assist. They have already forwarded my case to a VoIP expert.