VOIP With ZyWall
Freshman Member
Hi everyone, and congratulations on the initiative.
First of all, I would like to excuse you if my English is not perfect.
I explain to you my situation, in my company we went to VOIP for telephony, at the beginning we signed a contract for a single voip trunk that was managed by my Asterisk PBX1 and everything was fine. We wanted to expand the voice channels and add a new PBX2, so I signed a new contract for another VoIP trunk that would be managed by the latter PBX2.
On my USG300 I activated a new WAN to devote to this new trunk (I informed the public ip at the vendor who provides the trunk)
So the current situation is as follows:
WAN 1: 10.0.0.1
WAN 2: 10.0.0.2
IP Public Trunk 1: 192.0.0.1
IP Public Trunk 2: 192.0.0.2
NAT (Virtual Server) Int WAN2 Orig IP Any Mapped IP PBX2 Prot UDP Port SIP
I've created a new WAN_BIS area and I've associated the WAN2 port
FW rule
From WAN_BIS to LAN IP_Source 192.0.0.2 IP_Dest PBX2 Service SIP Allow
From WAN_BIS to any (including Zywall) any any any Deny
I did not insert any static route.
Data traffic behavior is not regular because voice packets go from one PBX to the other so I have problems.
Can any of you help me to solve the situation?
Thanks.
Fabio 0
Comments
-
Could you try setting the original IP in your NAT rule to be the public IP on which the traffic arrives? So for PBX2 you used the IP 10.0.0.2, then enter this into Original IP on the NAT rule.
0 -
do you mean the public who told me the trunk voip vendor?0
-
but in your opinion is correct that I did not insert any static route?0
-
Set original IP on the NAT rule to the IP address your WAN2 interface has.fabiopig said:do you mean the public who told me the trunk voip vendor?
I would wait with creating static routes, if we can solve it without it that is great. Especially if that is not the issue.fabiopig said:but in your opinion is correct that I did not insert any static route?
0 -
You could always use a policy route to route any SIP traffic from internal subnets to the WAN2 interface. NAT is intended for Port Translation (Layer 4) and routing to a single IP. It's not really meant to route IP/Layer 3 traffic to specific Interfaces.
Did you setup a dedicated subnet for your VOIP traffic?0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
