• Home
  • Troubleshooting
  • Firewalls

Sonicwall: Recommended Settings for VoIP

Written by Marissa Orsini

Updated at March 12th, 2024

Contact Us

  • The Essentials
    FAQs Forms
  • Announcements
    Carrier Events mFax Events Platform Events Release Notes
  • Billing Administration
    Datagate OneBill
  • Faxing
    mFax - Analog mFax - Digital Native Fax
  • Hardware & Software
    Manual Configuration Provisioning NDP Axis Cisco Fanvil Grandstream Polycom Snom Yealink Mobile Applications Desktop Applications Mobile-X SNAPbuilder TeamMate Connector UC Integrator
  • Hosted Voice
    Auto Attendants Branding Call Queues Call Routing CDRs Conferencing E-911 Features Fraud Integrations Inventory / Phone Numbers Local & Toll Free Porting Onboarding Recommendations SNAP.HD SIP Trunking SMS / MMS Users Voicemail Caller ID
  • Troubleshooting
    VoIPmonitor Firewalls PBX
  • Ray's Stuff
+ More

Table of Contents

Consistent NAT

Scope:

This guide will walk you through how to configure a SonicWALL as recommended for your VoIP service.

 

Requirements:

  • SonicWALL administrative access
  •  IP Addresses and Ports
 

 

Consistent NAT

  1. Click on VoIP
  2. Click on Settings
  3. Set Enable consistent NAT to enabled
  4. Every other checkbox on this page should be unchecked as well.
  5. Click Accept
  6. Click on Firewall Settings
  7. Click on Advanced
  8. Set Enable Stealth Mode and Randomize IP ID to disabled.
  9. Click Accept
  10. Under Network > Services click Add...
  11. Fill the popup as follows:
    • Name: VoIP RTP
    • Protocol: UDP
    • Port Range: 3000 - 65000
    • Sub Type: None
  12. Click Add
  13. Click on Service Groups > Add Group...
  14. Name: VOIP Services
  15. Add the following services to the right box
    1. SIP
    2. VoIP RTP
  16. Click Add
  17. Navigate to Firewall > Access Rules
  18. Click on Matrix
  19. Click on the arrow under LAN > WAN
  20. Click on Add...
    • Source Port: Any
    • Service: VOIP Services
    • Source: Any
    • Destination: Any 
    • Users Included: All
    • Users Excluded: None
    • Schedule: Always On
    • Comment: QoS for VoIP Phones
    • Enable Logging: True
    • Allow Fragmented Packets: True
  21.  Click on the Advanced tab
    • UDP Connection Inactivity Timeout (seconds): 90
  22. Click Firewall > Address Objects > Add
  23. Fill out the following: 
    • Name: Name of the Assignment 
    • Zone Assignment: WAN
    • Type: Host
    • IP Address: IP of the Server
      NOTE: Find IP Addresses and Ports here
  24. Add each IP Address for Voice Services as an Address Object
  25. Create an Address Groupand add the address objects that were created
    • Name: Voice Services
  26. Click Security Services 
  27. Check each Service and see if it is enabled
  28. If so, you need to enable the Exclusion List on each service and set it to Voice Services
  29. Example: Content Filter
  30. Once you exclude it, click Accept

 

voip sonicwall

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • Disabling SIP ALG on a Fortigate Firewall

Knowledge Base Software powered by Helpjuice

Expand