Using a Sonicwall Firewall and Vonage VOIP Service

Discussion in 'VOIP' started by canaan01, Jul 31, 2003.

  1. canaan01

    canaan01 Guest

    Hello all...

    I have not seen many posts about using a Sonicwall with Vonage VOIP. I
    have a Sonicwall Pro 200 and I just installed Vonage. I ran in to some
    problems... All of which were solved when Vonage "moved" my account to
    a Server that supports SPI (Stateful Packet Inspection) firewalls.

    But here are the details...

    1. When I tried to make a call out, there was a long delay and then
    fast busy.

    2. When I received a call, my phone would ring, but I could not
    "connect" to the caller. They would keep hearing the ring tone, and
    then the call would go to Voicemail.

    I called Vonage support and they read me off a list of UDP ports to
    open on the Sonicwall. I didn't want to do it... but I did anyway. The
    problem still did not go away so I had to call Vonage support again
    (LONG LONG LONG Delay to speak to someone).

    The guy I spoke the second time around say, "oh wait... does your
    Sonicall do SPI" to which I replied "Yes". He told me he wanted to try
    moving me to another server. He did this, we rebooted (power-cycled)
    the Cisco ATA-186, and I was able to make and receive calls.

    The technician said they are aware that Firewalls with SPI will not
    work on their "original" server, so they are moving people with SPI
    Firewalls (Like the Sonicwall) to the second server.

    I then decided to see what happened if I removed all the ports I
    opened on the Sonicwall. So one-by-one I removed them. And when I got
    done, the Vonage service was still working great.

    To be sure I rebooted the ATA-186 AND the Sonicwall. Sure enough, 24
    hours later (and a bunch of "can you hear me now" calls) everything
    works great.

    So... if you have a Sonicwall (and probably other SPI firewalls like
    Watchguard) with Vonage, and your service does not work, chances are
    you need to call Vonage and have them "move" your account to another
    SPI capable server.

    PS: If anyone is interested in Vonage service click on this link:
    http://www.vonage.com/?refer_id=ct and you will get a free month of
    service (that's what I did).
     
    canaan01, Jul 31, 2003
    #1
    1. Advertisements

  2. canaan01

    John Sutter Guest

    Did the tech elaborate on what exactly the problem was?

    - John
     
    John Sutter, Aug 6, 2003
    #2
    1. Advertisements

  3. canaan01

    canaan01 Guest

    I asked, but he did not give me a coherent answer. All he said is "we
    moved you to a server compatible with Stateful Packet Inspection
    Firewalls.
     
    canaan01, Aug 9, 2003
    #3
  4. canaan01

    SG Guest

    It's possible that the first Media Gateway Controller server responds on
    arbitrary ports within a range expected by the voip device, but not expected
    by the stateful firewall. The second may be an actual MGC or a proxy that
    is Stateful Inspection "friendly".
    Here's a good, lay friendly article on Stateful Packet Inspection:
    http://www.firewalls.com/document-stateful-packet-inspection.asp
     
    SG, Sep 5, 2003
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.