Voip external server

Announcements

ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.

Reply
Highlighted
L0 Member

Voip external server

I'm experiencing an issue with a connection to an external voip server.

Directly attached to a PA-500 ethernet port there is a patton (fxo voip appliance).

Now, I'm allowing any traffic to outside, any application.

When I surf from that interface I can access external sites, but the issue seems to be NAT.

Voip uses port 5060 udp.

I can see the packets reaching the external server (that I manage) and they are forwarded back, but on the PA they are not present.

I tried different NAT types, but none of them seems to be working properly.

Does anyone experienced the same issue?

Does anyone know how to solve the problem of udp coming back to the internal interface of the firewall?

Thanks to all of you,

Pietro

Tags (3)
Highlighted
L3 Networker

Is the proxy server able to establish a sip session successfully with the external server ? Is the proxy server a nat aware device( does it know its public ip address ) ?

Highlighted
L4 Transporter

have you tried a static bi-directional nat for this traffic.

Highlighted
L4 Transporter

Please read this topichttps://live.paloaltonetworks.com/message/15066#15066

it could help you - try to use application override

regards

SLawek

Highlighted
L0 Member

The external server is well known by the patton.

It arrives and the landing packet reaches the target.

When the packet is sent back everything stops.

Now I'm trying the hint given by slv. :smileyhappy:

Highlighted
L2 Linker

Last post on

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!