Sonicwall Configuration for XMission Voice

From XMission Wiki
Revision as of 09:36, 17 August 2022 by Danzmo (talk | contribs) (Create Address Group for Voice Services)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

If you have a Sonicwall and are using XMission Business or HostedPBX Voice Service you may come into issues such as:

  • Registration failure
  • Slow to dial out
  • Non-clear HD Voice quality
  • and more.

We suggest that the following settings are set up in the Sonicwall Device.

NOTE: depending on the model and firmware, the images may not match.

Consistent NAT

  1. Click on VoIP
  2. Click on Settings
  3. Select the checkbox for Enable consistent NAT
  4. Every other checkbox on this page should be unchecked
    Consistent Nat.png
  5. Click Accept

Advanced Firewall Settings

  1. Click on Firewall Settings
  2. Click on Advanced
  3. Select the check boxes for Enable Stealth Mode and Randomize IP ID
    Advanced Firewall.png
  4. Click Accept

Create Custom VoIP Services

  1. Under Network > Services click Add...
  2. Fill the popup as follows:
    • Name: VoIP RTP
    • Protocol: UDP
    • Port Range: 3000 - 65000
    • Sub Type: None
  3. Click Add
    Custom Voip.png
  4. Click on Service Groups > Add Group...
  5. Name: VOIP Services
  6. Add the following services to the right box
    • SIP
    • VoIP RTP
    • Click Add
    Custom Voip(2).png

Create LAN > WAN Rule for Services

  1. Navigate to Firewall > Access Rules
  2. Click on Matrix
  3. Click on the arrow under LAN > WAN
  4. Click on Add...
    • Source Port: Any
    • Service: VOIP Services
    • Source: Any
    • Destination: Any
    • Users Included: All
    • Users Excluded: None
    • Schedule: Always On
    • Comment: QoS for VoIP Phones
    • Enable Logging: True
    • Allow Fragmented Packets: True
    Lan Wan Rule.png
  5. Click on the Advanced tab
    • UDP Connection Inactivity Timeout (seconds): 90
  6. Lan Wan Rule(2).png

Create Address Group for Voice Services

  1. Click Firewall > Address Objects > Add
  2. Fill out the following:
    • Name: Name of the Assignment
    • Zone Assignment: WAN
    • Type: Host
    • IP Address:
    (SLC) SUMOFIBER colocation:
    (SLC) XMISSION colocation:
    (LAS) SWITCH colocation:
  3. Add each IP Address for Voice Services as an Address Object
    Address Group.png
  4. Create an Address Group and add the address objects that were created
    • Name: Voice Services

Excluding Voice Services IPs under Security Services (if applicable)

  1. Click Security Services
  2. Check each Service and see if it is enabled
  3. If so, you need to enable the Exclusion List on each service and set it to Voice Services
  4. Example: Content Filter
  1. Exclude Services.png
  1. Once you exclude it, click Accept