Upgraded from 6.1.4 to 7.0 VOIP unable to receive external Calls

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Upgraded from 6.1.4 to 7.0 VOIP unable to receive external Calls

Not applicable

Good Day,

We recently upgraded from 6.1.4 to 7.0 prior to the upgrade all of the remote VOIP phones operated properly, however after the upgrade we were no longer able to receive external calls from anyone. IP phone to IP phone work fine but not able to receive calls off the network. Has anyone encounter this issue? Does 7.0 process the call setup between the gateway and Call Manager differently than 6.1.4?:smileyconfused:

3 REPLIES 3

Cyber Elite
Cyber Elite

Security policies are port or application based?

Do you see blocked traffic in log?

Play around (enable/disable) with SIP ALG inside sip application.

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

Hello Radio,

We have the polices setup as a service group with all the ports. The application is set for any the connection is coming between to palo alto fw via VPN tunnel work fine prior to the upgrade.

L1 Bithead

Greetings,

Sounds as though there are additional ports needed to receive calls from off the network phones. I'm not running Cisco VOIP so this may be of limited use to you.

What I did is setup a negate policy, blocking my custom VOIP ports (defined in an application override policy) along with rtp and sip protocols, to any hosts other than my VOIP gateways. Under that policy I created a deny and log (any application and service) destined for my VOIP gateway addresses.

This made it easy to expand TCP and UDP port ranges (based on what was being denied) until I got my phones working properly. The vendor docs port range recommendations were not quite correct so I had to mess around expanding port ranges a bit to get it sorted out.

  • 2668 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!