UCM6300, UCM RemoteConnect - SonicWALL


#1

Anyone have any issues with UCM Remote Connect not working behind a SonicWall router?
I have a new system install and the 3rd party IT Router not allow remote phones to work, they register but the call signaling doesnt seem to be getting through.

UCM Remote Connect Test shows, STUN and TURN failing.

IT company says they are not blocking anything, I have advised to turn off SIP ALG and any VOIP Modifiers, still same issue.

Also this system was all setup in house and remote phones working even behind a double NAT test bench.

Has anyone seen this before and know what to change in the SonicWall?


#2

not all firewalls handle the SIP protocol correctly, it depends on the NAT mode, inquire about this thing and ask if there are any updates or changes that can be made on the Firewall.


#3

Thanks, yes I know this, I program many routers myself.

I have tried to have them turn some settings off/on.

Outbound NAT Policy with Source Port Remap disabled/Checked.

Policy set higher priority then the default NAT Policy.

Allow Fragmented Packets = checked

SIP Transformations Disabled.

Consistent NAT Enabled.

Still issue seems to remain.


#4

I usually replace Sonicwall’s with Cisco / Meraki / Mikrotik / Watchguard / Draytek… I found Sonicwalls gui to be ordinary and cumbersome.


#5

I share with you the standard config we ask 3rd party vendors to ensure is on the SonicWall.

1)Sonicwall version firmware min 5.9 or greater

2)Firewall => Advanced tab => udp connection inactivity timeout change to 120 ( default is 30)

3)if QOS is required ( converged networks over 50 users ) we need to mark DSCP value
DSCP marking settings = Explicit / 46 Expedited fwd
802.1p = Explicit / 6 Voice

  • this setting we will adjust under review meaning you will not set this up has our standard /default

4)Voip settings disable sip transformations and enable consistent nat.


#6

Dear user,

Thank you for sharing these information with us! I will try to collect more inforamtion about this from other users. Thanks for all your testing!

Thank you!


#7

Thanks for this info, I am sending them this along with what we have already indicated and we will see if it works, I will report back.


#8

Still same issue SonicWall is not allowing the Stun and Turn servers to passthrough.
I advised them to contact there SonicWall Support.


#9

They have to set a allow rule for stun lan to wan rule originating from lan to allow stun protocol or it will not work
http://software.sonicwall.com/applications/app/index.asp?ev=sig&sigid=13927

here is also link on sonicwall forum discussing how to allow TURN you can send to company managing Sonicwall to have a read and assist you.


#10

Thanks that was the final piece needed.

I just had them add the stun lan to wan rule originating from lan.

Remote Connect test passed.
Remote GRP phones working.


#11

Dear all,

Thank you all for sharing these information to us! Thanks for all your testing!

Thank you!


#12

In your setup, do you have a patch cord coming out from a switch and into the LAN jack on the UCM?


#13

Dear all,

We will add these comments in the FAQs of UCM63xx and share with our other users. Thanks!

Thank you!