Resolved: Turned out the Wildix phones phonebook was using SSL over TCP port 80 and not port 443. Created a custom service for TCP Port 80 and then applied that custom service to a new rule for just SSL traffic from the phones. Regards: Elliott.
... View more
Hi all, where I work, we are having difficulty in getting the Wildix IP Phone Phonebook to work through our PaloAlto PA-220 firewall what we use for all SIP traffic. (Wildix is a make of IP phones we are using.) I keep seeing dropped traffic like the below (drop.pcap), which is strange as the source address is showing the WAN IP and not the LAN IP of the Wildix IP phones. Capture taken directly on the PA-220 it's self. (For testing below, all application default services and protocols allowed out from internal LAN subnet to to any source destination.) 2861 70.291031 193.195.XXX.XXX ec2-3-9-XXX-XXX.eu-west-2.compute.amazonaws.com TCP 214 5070 → 80 [PSH, ACK] Seq=1 Ack=1 Win=3650 Len=148 TSval=4294942132 TSecr=2835647103 186844. Not sure if it is a NAT issue, but the phones work ok on making and receiving calls, but not the phone book. The Phonebook works ok when a Wildix phone is connected up to ones personal domestic wireless router. Please give me advice, but I think I will do a Wireshark capture directly on the phone it's self next. Regards: Elliott.
... View more