Firewall Checker - some ports open, most closed

Discussion in '3CX Phone System - General' started by redhamilton, Jun 10, 2016.

Thread Status:
Not open for further replies.
  1. redhamilton

    Joined:
    Jan 22, 2016
    Messages:
    10
    Likes Received:
    0
    Sonicwall NSA 4500 - with required "disable source port remap" hotfix
    One to One NAT
    different External/Internal FQDN

    No idea what is going on.

    NAT and Firewall access rules setup correctly. All VoIP functionality in firewall disabled.

    Going Line by line in firewall checker...

    Port 5060 open
    Port 5090 closed
    Port 9000-9005 open
    Port 9006-9255 closed

    All of the above ports are open at teh firewall..

    This makes no sense.

    Any insights?
     
  2. complex1

    complex1 Active Member

    Joined:
    Jan 25, 2010
    Messages:
    752
    Likes Received:
    38
    Hi,

    Please disable the Windows Firewall and test again.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. redhamilton

    Joined:
    Jan 22, 2016
    Messages:
    10
    Likes Received:
    0
    Ah yes, I knew I was forgetting to post something obvious.

    Yes, I've already made sure windows firewall is off....did that before even starting this.
     
  4. craigreilly

    craigreilly Well-Known Member

    Joined:
    Feb 1, 2012
    Messages:
    2,947
    Likes Received:
    179
    Do you have an outbound SNAT? I found that helped in my prior Sonic Wall setups.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. redhamilton

    Joined:
    Jan 22, 2016
    Messages:
    10
    Likes Received:
    0
    I do not.
     
  6. complex1

    complex1 Active Member

    Joined:
    Jan 25, 2010
    Messages:
    752
    Likes Received:
    38
    Hi,

    I do not use the Sonicwall NSA 4500, but when reading the “how to config” of the SonicWALL I am wondering why you don’t use the “Many-to-One NAT” config.
    I think this is a better setup. Don’t ask me why.
    http://www.3cx.com/blog/voip-howto/soni ... iguration/
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. redhamilton

    Joined:
    Jan 22, 2016
    Messages:
    10
    Likes Received:
    0
    Well, I used a One-to-one simply because I could. I have a few available Public IP's, so why not dedicate one. I'll try a many to one, since thats the scenario 3cx uses to describe setup with a sonicwall. If that doesn't work I think I'll try putting it in a DMZ.
     
  8. redhamilton

    Joined:
    Jan 22, 2016
    Messages:
    10
    Likes Received:
    0
    Just reporting back in. Figured the issue out.
    Thanks for the help.

    -Josh
     
Thread Status:
Not open for further replies.