Sonicwall TZ170 - Warning (10) on firewall test.

Discussion in '3CX Phone System - General' started by LORD ORION, Mar 15, 2008.

Thread Status:
Not open for further replies.
  1. LORD ORION

    Joined:
    Jul 23, 2007
    Messages:
    39
    Likes Received:
    0
    If you get it going, please let me know.

    I've never been able to get this working with any VOIP at all... not just 3CX. :(
     
  2. jparisi

    Joined:
    Oct 1, 2007
    Messages:
    92
    Likes Received:
    0
    Matt,

    I feel your pain, I've been going through the same issues on a TZ-170. If you have the Enhanced OS you can created a NAT policy like so:

    Original Source: 3CX Private IP
    Translated Source: 3CX Public IP
    Original Destination: Any
    Translated Destination: Original
    Original Service: Any
    Translated Service: Original
    Inbound and Outbound Interfaces: any

    Make sure no other NAT policy are affecting it and it should let you pass the firewall test.

    JP
     
  3. spudit

    Joined:
    Jun 23, 2008
    Messages:
    1
    Likes Received:
    0
    Matt,

    We do not currently us the 3cx, but have installed a video/voip system that utilizes SIP as well as other protocols for video. Inbound calling was visible to the system, but they were dropped when trying to answer. Researching TZ170 issues, I came across this forum.

    We didn't want to put this system in a DMZ either, and after a week of frustrations figured out a solution for our problem. We assigned a static ARP entry for the LAN IP & MAC address of our system and this cleared up the problem.

    Did you come across another solution? The TZ170's were are running is getting long in the tooth and I didn't want to spring for the Enhanced software, etc. We are looking at putting in more of these systems, but do not want another repeat with a different firewall solution.

    Charlie
     
  4. jparisi

    Joined:
    Oct 1, 2007
    Messages:
    92
    Likes Received:
    0
    I've found the issue can be avoided by using multiple IP addresses. I've set up 3 sites so far, two with TZ-170's, one with a TZ-180. Both Enhanced and standard OS.

    The key is to get a block of IPs from the ISP. Do NOT use the base IP for the Sonicwall for the 3cx, give it it's own IP. Port forwarding will then work as expected.
     
  5. jparisi

    Joined:
    Oct 1, 2007
    Messages:
    92
    Likes Received:
    0
    So far, ok.

    I have some delay issues, but much better than before.

    Just installed V6 final and can't get a Grandstream phone to provision.
     
Thread Status:
Not open for further replies.