Firewall: Sophos UTM 9.510
Having issues with audio with voip provider callwithus. Also have callcentric configured which works fine because it uses defined set of servers for media.
With callwithus, the call is initiated successfully, but the issue is with the audio/rtp media. Callwithus doesn't have a specific server or servers it uses, but rather the media can come from a any number of different servers (and ports).
I've found two solutions to make it work.
1) Allow the pbx full access to all external (internet) ports (1:65535) by way of a firewall rule. While this works, I'm not comfortable giving the box full wide open access.
2) Use "Internet IPv4" as a network in the network protection/voip/Sip Server networks. Call audio works both ways, firewall shows SIP call (as expected) for each call. I'm not 100% comfortable with this solution but it does block the pbx from trying to access other ips/ports unless a sip session has been initiated. What I'm unclear about is what ramifications does this have in terms of unsolicited inbound traffic?
I believe #2 is a form of ALG (sip helper). Generally use of this function is frowned upon because it works poorly.
For now the pbx is strictly used locally and does not accept external (from the internet via sip uri) sip calls directly unless they come through one of the configured voip provider trunks (which also works properly).
Thoughts?
↧
