sundance-communications.com/forum Forums TDM Business Telephone Systems Vodavi Telephones & Systems Voip behind firewall

I moved a client that has an XTS with a voip card. At the old location, they did not have a firewall. I put in the public ip address, subnet and public gatway. No problem with off site voip calls.

Now they are at new location, different co/ip provider but now they have installed a sonic firewall. We are behind the firewall now. Now we can't talk back to the XTS from outside their firewall. Haven't test within the firewall yet.

I started with the public ip address, subnet provided by provider and public gateway address. No go.

I have been working with the data guy and we are trying something else. We are now have an ip on their network and gateway in same ip range. Public IP address is routed through firewall to our system. Everything open.

Currently 192.168.1.222 ip address; subnet 255.255.255.0; gateway 192.168.1.1. Public ip is routed through firewall to us at 222. Firewall mnfg sez they see data coming in to firewall and data going out. But the phone just sits there trying to negotiate. IP phone has public addr in it. example (100.100.100.101 <- public ip) I can ping it from the computer.

I have read and reread the minor documentation in the XTS programming op manual on voip. Still cant make it work. Tech support sez it should work. The only I haven't tried is pulling the firewall just to see if it is just not filtering properly.

Is there anything I am missing? I normally set myself up next to the firewall and not behind it so this is new for me. This is just 4 ip phones on a voip card.

I've never had any luck connecting the IP card behind any kind of firewall whatsoever, despite the best efforts of many IT guys. What I've adopted as standard practice is to connect the system ahead of the firewall using a small ethernet switch and using a static IP.

Note that it was not possible to use NAT on the XTS initially. Even though it supposedly can be done now, I've never bothered to try. I'm not saying that my solution is the correct one, but it is cheap, quick and easy.

I have an identical setup to the one you have described at my office for my IP phones at home. They work flawlessly with this arrangement.

I concur with Ed. I always go with a cheap switch between the modem and the router. I don't deal with QOS and the VoIP board gets as much bandwidth as the customer's entire network does. The price of the switch is nothing compared to my time. I figure, why bother with making it more complicated since I am not a certified network engineer? The KISS method works for me!

Same here, never have been able to get NAT to work with the XTS. Put the voip card in front of the firewall and be done with it...

Public static IP ahead of firewall, it is the only way to make it work.

Update. I made the final suggestion to put the voip card before the firewall. I.T. guy tried one last thing which worked.

The sonic firewall has a port that can be programmed as a DMZ port. Not a redirect but a pass through. It makes it look like a port off a plain switch with none of the firewall filters. Plug the XTS into that specific port and it's now working.

Looks like a DMZ port is the way to go if the firewall box supports it.

Thanks for the input. Hope this can help if you guys come across the same thing.