05-01-2012 12:10 PM
I have our VoIP PBX set up with an IP on our external side via NAT. The policy is a simple static NAT from the internal IP to the external. I also have the correct security policies in place to allow SIP/RTP traffic to pass freely to and from the external IP address. The PBX server can be accessed via HTTP from outside our network, and my cell phone (using BRIA) can successfully register to the PBX.
However, whenever I make a call from outside, it will disconnect after seven (7) seconds when picked up. This happens every time without fail. I have tried tweaking around security policies, enabling application override, and altering the NAT rules.. nothing seems to help.
Can anyone give me suggestions? This setup worked perfectly fine on our old Juniper SRX-240B with the PA-500 in vWire. Ever since I swapped the PA-500 into being our gateway/firewall, it just won't do it.
More information can be provided upon request.
05-01-2012 12:39 PM
Hi, i have the same problem. The support area is reported to the task. Waiting for a solution. The problem lies in properly marked RTP packets. application ovverride does not help. We have to wait.
05-04-2012 10:25 AM
Any Palo-Alto support people that can make any suggestions at all? We really want to avoid having to buy an intermediate device for SIP to bypass the PA-500.
05-04-2012 11:14 AM
What software version and content is running on the device?
We are continuing to make improvements to the SIP decoder so I would recommend updating to the latest app/content version to see if this resolves your issue.
VoIP issues can be tricky to troubleshoot so I would highly recommend opening a case with your support team so we can gather packet captures, global counter and session information.
05-04-2012 11:40 AM
Our PA-500 is currently on version 4.1.2.
Packet captures that I've done so far show outgoing RTP transmission, but no incoming.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!