Any small firewall device suggestions for SIP trunks?

[4946]

IPO 500 V 4.2(14)
VM Pro 4.2.24
VM Pro Client 4.3(30)
60 IP Sets 4610SW/5610SW
130 Users (Yes we run 24x7)
1 IP 1616
No Upgrade in the near future.

We would be very appreciative for your suggestions for a small firewall device that could handle the bandwidth for approximately 60 simultaneous SIP calls (729 codec). Calls will originate from the IPO 500 inside the firewall to a remote gateway device outside the firewall.

Thanks in advance for your suggestions.
WN

 

[DavidCT]

Bandwidth is more a function of your ISP, not your firewall, unless you have a synchronous connection of greater than 15mb, in which case a slow firewall could become your bottleneck, especially if doing SIP transformations.

Anyway, I would go with dual Sonicwall NSA240 units, configured with High Availability. If one unit fails, the other will automatically take over. You do not want to put all your calling on SIP and then find you have a single point of failure.

I also recommend you upgrade your 500 to the lastest MR of R5. 4.2 was ok, but Avaya came a long way in SIP reliability from R4 to R5.

Presume you are also bringing in a back up internet circuit?

 

[hairlessupportmonkey]

for 60 simultaious calls on g729, I would forget it, and go for a leased line.

put the call centre staff on g729 and the management on g729

http://www.voip-info.org/wiki/index.php?page=Bandwidth+consumption

then forget the firewall.

If you also want super reliability, use a SIP gateway such as a Quintum DX2030, and this will reduce your costs for SIP trunks, and additional VCM channels. you then bolt that to your ISDN 30 card.

This will take the load off the IPO as well. I have a customer in a very busy call centre and we use this solution. it works very well.

 

[Bas1234]

Get a second 2Mb up/down internet connection (+/-30 calls on G711), make 2 iproutes each to a different router.
Let the provider split the account in two. Create a second sipline. Then give each sipline 30 channels. Create a second ARS that is for the overflow of the main ars.

___________________________________________
It works! Now if only I could remember what I did...

Dain Bramaged
___________________________________________

 

[amriddle01]

For quality and robustness go for 2x ISDN30's....job done

ACSS (SME)
APSS (SME)

http://www.ipoffice.tel

"I'm just off to Hartlepool to buy some exploding trousers

 

[hairlessupportmonkey]

lol andy - no wonder you dont sell any SIP trunks!

 

[tlpeter]

Andy is right.
Always trouble in network or provider side.
ISDN works anyway on IPO side.
If not then call the provider.
Sip always gives problems.

One provider follows RFC and the other not.
Give it a couple of years and then this will be over probably but for now ISDN is way much reliable.
I would never ever only have sip trunks.
I will always keep ISDN as backup but that is me.


Homo sapiens non urinat in ventum

honey, i fried the IP Office !!!

Sarcasm, it's only one of the services I offer.

 

[hairlessupportmonkey]

BT will be switching its PSTN network over to IP soon anyway. so ISDN will only be a method of terminating VoIP traffic to the PBX effectivly.

 

[tlpeter]

Hopefully it is better by then.
Our main provider isn't doing it by RFC


Homo sapiens non urinat in ventum

honey, i fried the IP Office !!!

Sarcasm, it's only one of the services I offer.

 

[Albus]

Why SIP-Trunks?
You have to invest in more bandwidth for Internet access, preferable with QoS. Not to forget things like redundancy and failover. This gives additional planning and implementation costs. It is far more likely to run into troubles, which will involve technicians from different companies (you, your customer, the ISP, the SIP-Provider and the customers network guy). And then you say, you want G.729 which does save bandwidth, but needs more CPU while still does sound a bit poor.

Go for additional PRI's. It just works and sound is better.
Anyway, update to 5.0(20) or 6.0(14).

 

[tlpeter]

I would go for 5.0.22 (i know small detail )


Homo sapiens non urinat in ventum

honey, i fried the IP Office !!!

Sarcasm, it's only one of the services I offer.

 

[4946]

Thanks to everyone for your response and observations. I must apologize that I can't respond more thoroughly right now, unexpected telco and administrative circumstances have developed that I am addressing....(you telco guys know about that). Should have everything under control soon and hope to get back during the weekend. Please continue your discussions I learn more every time I log on.

Thanks,
WN

 

[4946]

O.K. here is our set-up:

Northern site:

IPO 500 in off-site co-location facility.
Connected to Internet via 5MB burstable to 50
One T1 (D4-AMI) 24 channels of voice.
Three SIP trunks from providers
One SIP trunk from IPO 500 at Southern site
One SIP trunk from second IPO 500 at Southern site

Executive Offices (7 phones) connected to Northern ISP via 2 bonded T1 circuits.
Bandwidth use also shared by video conference system and SQL server hosting replicated call center database,
VPN connections to co-location site and Southern site.


Southern site:

Connected to ISP by E3 via microwave connection.
VPN connections to Northern co-location and Executive Offices
50 IP phones serviced by Northern IPO 500 via VPN.
IPO 500 in Southern site used for local analog devices and connected to Northern site via SIP trunk.
Second Southern IPO 500 provided by E1 provider used as gateway splits E1 traffic into a SIP trunk for the Northern 500, another SIP trunk into a local Quintum gateway, and out another E1 to a local PBX switch.


DavidCT,
Thanks for the recommendations. The co-location facility provides BSD from miltiple ISP providers. We are in negotiations for fiber to compliment the microwave in the Southern location so we can do the same there.

hairless,
It sounds like you are recommending using the legacy TDM E1/T1 capabilities rather than the SIP capabilities of the IPO. Do you see some capacity issues with SIP (or other SIP issues)?

Bas1234,
Thanks for the roll-over ARS concept. I think it will come in handy on some other projects too.

amriddle01, tipeter, albus,
We have some really old and rotten aerial copper servicing the site. That is the main reason that everything is being delivered by microwave except one E1 and that has been a real pain. The secondary fiber route that is under negotiaion will be aerial, so that will have also its challenges at times.

 

[tlpeter]

If copper is bad then sip will be your best choice as long as it is better then the copper
overhere if is mostly better with copper.

Homo sapiens non urinat in ventum

honey, i fried the IP Office !!!

Sarcasm, it's only one of the services I offer.

 

[hairlessupportmonkey]

4946,

I think that SIP is an evolving technology and some products are better than others at delivering it. While I feel that the IPO is now very good at it, I think a dedicated gateway will simply releave some load off the IPO and allow it to function more reliably for all the handsets you must have connected to it.

 

[4946]

Thanks everyone for pitching in your observations and experience. I don't think that we would qualify for an "early adapter" status with SIP products, but we have come a long way from the first conversations with our IT guys...("..you want to put WHAT on our network!!!???"...."yes, you really can make a phone ring with less than 96 volts!!").

WN