This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
HeikoAnkenbrand
MVP Gold
MVP Gold
‎2018-04-09 05:20 AM

VoIP Issue and SMB Appliance (600/1000/1200/1400)

 

Issue description:

Many of our customers have reported the following issue in recent weeks. Telephone VoIP connections are terminated and can no longer be established.

Issue debug:

On the firewall you see a typical issue with the following message if you start: # fw ctl zdebug drop

Issue message: fwconn_key_init_links (INBOUND) failed

Solution:

There are two different Servers on the SIP/RTP provider's side that take part in the process of establishing the SIP/RTP call:

  • Server for SIP (Management and control)
  • Server for RTP (Media and Voice Data)

Make sure that the UDP high ports from the internal RTP VoIP telephone system to the provider RTP server on the RTP provider's side are dropped by the rule base on 600 / 1100 / 1200 / 1400 appliance:

RTP rules:

  1. Create a service for the UDP high ports and use it in an incoming Accept rule, which also has to allow the RTP ports.
  2. Create a drop rule to block outgoing connections from the Internal RTP server (VoIP telephone system) to the provider's RTP server on high UDP ports

SIP rule:

  1. Create an allow rule for incoming and outgoing SIP traffic on UDP port 5060

 

Example:

 

A similar description can be found in SK104082.

 

Regards,

Heiko

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
(1)
Who rated this post