Starting a couple days ago I've been having problems with some of our video conferencing applications.
We use RP1cloud as our VC service. Normally we would see traffic on tcp5061 head out accepted. Now i'm seeing traffic dropped with the gateway as the target on non SIP ports alongside the normal traffic.
See non standard ports here. The drops are destined to our external IP, and accepts are to the VC cloud service:
The drop logs show the following
In order to allow the inspection of encrypted SIP over TLS connections, please add the 'sip_tls_with_server_certificate' service to the relevant rule,
make sure that the 'sip_tls_authentication' service is removed from the rule and configure TLS on the corresponding SIP Server object
I found the following SK related to this VoIP Configuration message, however i'm unsure if it's viable for this situation:
No changes have been made on the firewall between when it was and wasn't working.
Anyone have thoughts on the behaviour change? I'm unsure why I'm seeing the odd TCP ports being listed in the SIP_tls_authentication service.