phone
Sales & Support - 1-866-667-8357

Firewall Settings with Digitcom SIP Trunks

Port forward all outside traffic coming in on port-5060 (UDP/TCP) to the IP address of the IP office.

  • Please ensure that only Digitcom's IP Subnets 199.175.43.0/24 and 45.42.27.0/24 are port forwarded on your firewall to your IP Office to prevent unauthorized access from any other internet IP addresses.
  • Please open RTP ports for audio. Please note, default IP Office ports should be 46,750 - 50,750. Otherwise, check your PBX for audio ports.
  • Please make sure that there is no SIP inspection/SIP Transformations enabled depending on your firewall.
  • Please turn off ALG (Application Layer Gateway).
  • For more information about Firewall settings and SIP, Please visit this page: Routers SIP ALG.

     

    Cisco Firewall

    • If you are using a Cisco Firewall, type the following commands:
    • No ip nat service allow-sip-even-RTP-port
    • No ip nat service sip tcp port 5060
    • No ip nat service sip udp port 5060

    Please refer to this page: Routers SIP ALG.

     

    Sonic Wall

    If you are using a Sonic Firewall, do the following settings and refer to the website link for reference

    • Uncheck Enable SIP Transformations.
    • Create inbound firewall/NAT rules for the ports you need.
    • Try turning off Consistent NAT and configuring outbound NAT policies for your traffic, using the same port numbers as for the inbound traffic, for example, UDP 5060 for SIP Signaling.

    Website Link: http://www.voipmechanic.com/sonicwall-voip.htm

     

    Fortinet

    There are typically two VOIP profiles on a factory shipped Fortinet firewall. You may need to disable both profiles to fully stop the ALG. Use the following commands:

    config voip profile
    edit VoIP_Pro_2
    config sip
    set status disable
    end
    end