VentureTel Knowledge Base
Simplified support > quick answers.

Category: Network & Firewalls

SonicWall firewall VoIP configuration

TL;DR

The default SonicWall firewall settings may cause issues with VoIP traffic, such as problems with phone registrations, dropped calls, and one-way audio. To resolve these issues, disable Consistent NAT and SIP Transformations in the VoIP settings, and also disable Stealth Mode and RTSP in the Firewall Settings. However, the TZ400 model is an exception and requires Consistent NAT to be enabled, unless it's running firmware version SonicOS Enhanced 6.2.5.3-35n. Additionally, some firmware versions have known issues that may require toggling the Consistent NAT setting to resolve VoIP problems.

The default firewall settings on SonicWall firewalls may cause issues with VentureTel VoIP traffic.  Some issues you may see are:

  1. Problems with phone registrations

  2. Dropped calls

  3. Phones not ringing

  4. One-way audio

The TZ400 is an exception to this requirement. For the TZ400 model, Consistent NAT should be enabled.

Disable Consistent NAT and SIP Transformations

  1. Go to VoIP > Settings.

  2. Uncheck the boxes next to Enable Consistent NAT and Enable SIP Transformations.

Disable Stealth Mode and RTSP

  1. Go to Firewall Settings > Advanced.

  2. Uncheck the boxes next to Enable Stealth Mode and Enable RTSP Transformations.

Additional Information

Known Issues

  • SonicWall TZ400/TZ500 requires Consistent NAT to be on. The exception to this would be if the TZ400 is on firmware version SonicOS Enhanced 6.2.5.3-35n. With this firmware version, disable Consistent NAT.

  • Firmware version 6.2.3.x causes Duplicate UDP ports regardless of NAT settings.

  • Firmware version 6.2.7 has DPI (deep packet inspection) under access groups on NSA series, which causes Call Quality issues despite rules added in.

  • Firmware version 6.2.7.x (and higher): 802.1p tagging breaks phone connectivity.

  • Additional testing has found that the "Consistent NAT" setting may need to be toggled depending on the firmware version in use. It may be necessary to toggle this setting on or off depending on the issues being experienced and then testing for stability. 

  • The following SonicWall models and firmware versions require Consistent NAT turned ON: SonicOS NSA 2600 Enhanced 6.2.2.1-14n(device needs to be restarted in order for the setting to stick)