asterisk users - Sep 2006 - Asterisk behind Sonicwall firewall

Hi all

Anyone using a sonicwall firewall ?
I have been and then suddenly  it drops UDP packets because SIP is no 
longer on port 5060 but some random assigned port ?

Why ?

Thanks all

Barry Fawthrop wrote:
> Hi all
> 
> Anyone using a sonicwall firewall ?
> I have been and then suddenly  it drops UDP packets because SIP is no 
> longer on port 5060 but some random assigned port ?
> 
> Why ?
SIP is still on 5060, but the AUDIO (which is RTP) is on a dynamically 
negotiated port.  Now you understand why many people in the VoIP 
business would love to meet the people that designed SIP in a dark alley.

Read the mailing list archives and the Wiki for information working 
around these issues.

Barry Fawthrop wrote:
> Hi all
>
> Anyone using a sonicwall firewall ?
> I have been and then suddenly  it drops UDP packets because SIP is no 
> longer on port 5060 but some random assigned port ?
>
> Why ?
>
> Thanks all
>
> _______________________________________________
> --Bandwidth and Colocation provided by Easynews.com --
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users
>
http://www.lassologic.com/support/pdfs/Configuring_Voip_For_SonicOS_Enhanced.pdf#search=%22sonicos%20voip%22


-- 
===================================================J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
sil . infiltrated @ net http://www.infiltrated.net 

The happiness of society is the end of government.
John Adams

Barry Fawthrop wrote:
> Hi all
> 
> Anyone using a sonicwall firewall ?
> I have been and then suddenly  it drops UDP packets because SIP is no 
> longer on port 5060 but some random assigned port ?
> 
> Why ?
Which Sonicwall model? Some (like the TZ170) have special VOIP settings, 
like "Enable consistent NAT" and "Enable SIP
Transformations". Check
those; they work well with SIP.

If you don't have one of these newer models, please see 
http://www.voip-info.org/wiki-IAX, in the "NAT Issues" section. It
deals
with IAX2, but the issues are same for SIP UDP. The Sonicwall 
UDP-connection-memory timeout may be VERY short - 30 seconds by default 
on some! It is adjustable in some firmware versions.

I use the TZ170, but with IAX2 rather than SIP.


- Mike

Barry Fawthrop wrote:
> Hi all
> 
> Anyone using a sonicwall firewall ?
> I have been and then suddenly  it drops UDP packets because SIP is no 
> longer on port 5060 but some random assigned port ?
> 
> Why ?
Yes, have multiple clients with asterisk behind a sonicwall.

I don't understand from your wording if you mean a voip connection 
suddenly changed from dup/5060, or, did you change the asterisk system 
to use some other udp port.

The sonicwall does have an option to support sip (udp/5060), but I've 
not had to use it on anything that we've worked with.