SIP Polycom Video Conference Drops
20207
Created On 09/25/18 17:51 PM - Last Modified 06/07/23 07:21 AM
Resolution
Issue
The SIP traffic gets dropped after a two hour session and needs to be reconnected. At the two hour mark, the keep-alive packets are dropped for TCP port 5060.
Cause
If the firewall does not see traffic on an established session, it will continue to downcount the session Time-To-Live (TTL). When the TTL expires, the session is cleared on the firewall which causes the connection to terminate.
Resolution
Increasing the timeout value of that custom application will enable the Polycom conference calls to maintain their session uninterrupted for longer periods of time. Perform the following steps to increase the timeout value of the custom application:
- Go to Objects > Applications and click Add > Configuration to create a custom application for TCP port 5060
- In the Advanced tab, configure the Timeout values for that custom application only to 604800.
- Go to Policies > Security to allow the custom application:
Note: Custom applications take precedence over predefined applications (including new applications released in content updates) for matching traffic types when the traffic matches both a custom and local pattern. This is also true for VSYS specific custom applications (applications defined for individual VSYS).
owner: kadak