Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SIP setup for IP Office using XTM Watchguard Firewall pointing SIP to public IP

Status
Not open for further replies.

chavz7796

Technical User
Apr 29, 2013
118
US
Hello Guys,

I I'm trying to setup a SIP Trunk on an IP Office, passing traffic thru a WatchGuard Firewall. I have configured the SIP line to use the LAN interface pointing to the public IP for the SIP trunk. Normally other ISPs deliver the SIP trunk using an SBC, but this ISP that we are working with is having us a public IP. Unfortunately the ISP does not have documentation available, but I found some documentation for an AT&T setup that I should use the WAN interface to pass SIP traffic, but I am not sure which way to move forward.
I've tried both, using the LAN and WAN interface, and I can pass limited traffic.

Any advise is greatly appreciated.

Thanks
Rick
 
You'll need to use the Network Topology settings to have the IPO use your public IP on the SIP packets.

"Trying is the first step to failure..." - Homer
 
Hello chavz7796,
on the watchguard you've tried to do a SNAT with public ip ISP to the local LAN ip IPO for sip service (ex port 5060)?
on the watchguard how many wan you have?
if you have one you have to do nat 1: 1 if you have more than one you'll want to create a nat 1:1

 
Hello Janni78,

I added the public IP to the network topology and no luck. The SIP line is showing out of service.
Any other ideas?
 
Hello nerdherder27,

I have created an SNAT with the public IP from the ISP to the local LAN IPO on udp port 5060.
I only have one public IP. Do I do a 1 to 1 NAT on IPO topology tab or do I do it on the firewall?

Thanks for the help!
 
Do I need an SBC or is it possible to configure the sip to use the LAN interface from the IPO. I know I can configure the SIP to use the LAN interface when there is an SBC on the network, but in this case there is no SBC available. The SIP resides on a public IP.
Since I have never tried this setup, I don't know if it is possible to do???

 
You don't need a SBC.
You need first set the Network Topology public IP and firewall to for example Static Port Block.
Then set the SIP trunk to use LAN1 network topology.

After that the Monitor tracing starts to see what happens.

Does the sip trunk need to REGISTER (and does it work) or is it locked on public IP?
Do you see incoming SIP traffic in Monitor from the provider?
Is your public IP in the SIP INVITE you send to the provider and what is the response?

"Trying is the first step to failure..." - Homer
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top