1. Home
  2. UK Do-It-Yourself Forum
  3. SIP trunk on an IP Office, with a SonicWall NSA 3500

SIP trunk on an IP Office, with a SonicWall NSA 3500

I have posted this over at uk.telecom.voip, but just in case someone here knows the magic combination, I though I would ask here too!

I am REALLY struggling to get a SIP trunk working on my IP Office 406 (5.0) with a SonicWall NSA 3500 in the way.

Has anyone here manage to get this working?

The SonicWall has a number of WAN connections (all with static IP's) and one LAN connection, which is connected to (amongst other things) LAN1 of the IP Office.

If I connect the WAN connection to LAN2 on the IP Office, it works absolutely fine, but I really would prefer the SonicWall to be in the way, for better security, and also so we can switch to using different WAN connections if there is a problem with the primary one.

The best config I have at the moment is allowing incoming calls to work properly, but outbound calls are not passing audio in any direction ;(

If you have managed to set this up, and don't mind sharing your wisdom, I would be very grateful!

My provider specifies two IP addresses their end, one used for signalling, and the other for media, signalling needs to pass port 5060 and media ports 6000 -> 40000

Many thanks!

Reply to
Toby
Loading thread data ...

The fact it works without the Sonicwall suggests either the sonicwall is blocking it, or you need to configure some NAT or port-forwarding (or both) on the Sonicwall. Sorry, can't be more specific without knowing your addressing scheme and firewall rules.

A good start would be the Sonicwall's logs while you try to set up a call.

Reply to
Chris Bartram

If you can use the sonicwall in a bridging, rather than routing fashion, do that to avoid NAT.

If you have the option of an IAX trunk instead of a SIP trunk, do that as it doesn't mind NAT.

If the VoIP kit can use a STUN server, use that to work around NAT.

(can you tell I'm not a fan of NAT?)

Reply to
Andy Burns

Sorry can't remember where the article was but there is a problem with NAT that can and does cause this problem..

Have a look here...

formatting link

Reply to
tony sayer

SIP is not a NAT-friendly protocol, because it passes IP addesses in the payload. Your SIP server will almost certainly have to live on a real non-NAT'ed IP address. SIP clients can often be frigged to work in NAT environments, e.g. by using STUN, or if they are NAT'ed behind a fixed IP address, some allow you to configure this so the correct external IP address appears in their payload, rather than their internal NAT'ed IP address.

If you run an STUN server, that needs two real non-NAT'ed IP addresses (one could be the same as the SIP server's). However, you can use anyone's STUN server, providing they give permission.

Reply to
Andrew Gabriel

A couple of port forwarding rules does the trick.

Reply to
0845.86.86.888

HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.