Timeout NAT session
Good morning everyone,
I have this question: What can happen to the firewall if it blocks 4 to 10 access requests every minute? Could it affect some devices on the internal lan that need to maintain active NAT sessions?
Because sometimes IP phones show "No Service" for 1 or 2 minutes and then come back to work.
I have a USG FLEX 50 (USG20-VPN), connected via wan with public IP on Vodafone connection.
And I set NAT session with command "session timeout udp-connect 120 "
Thank you
All Replies
-
session timeout udp-connect 120 means the timeout for UDP sessions to connect or deliver and for ICMP sessions. You may want to verify with the phone manufacturer/provider to see how often the phone checks registration and then increase UDP session timeout.
And 10 access blocks every minute, I also don't it would cause a flood attack.
1 -
UDP session with VoIP service may be timing out causing the phones to lose connection. Please try Increasing the UDP session timeout to 180 seconds or more.
Do you enable SIP ALG?
Did the monitor log show anything while no service?
0
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
