Category: Account

Network & Firewall Requirements for VentureTel VoIP Services

TLDR

To ensure optimal call quality, reliable connectivity, and trouble free service with VentureTel's VoIP platform, it's important to configure your local network and firewall correctly. This guide outlines the required and recommended best...

To ensure optimal call quality, reliable connectivity, and trouble-free service with VentureTel's VoIP platform, it's important to configure your local network and firewall correctly. This guide outlines the required and recommended best practices for setting up your network for use with VentureTel phones, softphones, and devices.

📌 Basic Requirements

  • Stable high-speed internet connection with low latency and jitter

  • Sufficient bandwidth for simultaneous calls (approx. 100 kbps per call, both up and down)

  • Proper router/firewall configuration (see below)

🔧 Firewall & Router Configuration

Your network firewall or router must allow outbound access to the following ports and protocols. This enables phones and devices to register and send/receive audio through VentureTel's cloud-based VoIP infrastructure.

Note: In most setups, phones initiate the connection to the VoIP servers, creating a NAT mapping that allows return (inbound) traffic. You typically do not need to allow unsolicited inbound access unless you are manually port forwarding or using custom NAT configurations.

🚪 Required Outbound Ports

ProtocolPort(s)DirectionDescriptionUDP5060–5080OutboundSIP signaling to VentureTelUDP10000–20000OutboundRTP (media/audio)TCP5061OutboundSecure SIP (TLS, if used)TCP/UDP443OutboundProvisioning & portal accessUDP123OutboundNTP (time sync, optional)UDP53OutboundDNS lookups

⚠️ Disable SIP ALG (Application Layer Gateway)

SIP ALG is a “feature” found in many commercial and residential routers that modifies VoIP packets, often corrupting SIP signaling and causing:

  • Dropped or failed calls

  • One-way audio

  • Registration issues

Best Practice: Disable SIP ALG on all routers, firewalls, and modems.

Common Brands:

  • Netgear: WAN settings → uncheck SIP ALG

  • Ubiquiti (UniFi): Disable "SIP Helper" and "SIP ALG"

  • SonicWall: Disable SIP Transformations

  • Cisco/Linksys: Look for “SIP ALG” or “SPI Firewall” and disable

🔄 NAT & Port Forwarding

  • Enable Consistent NAT, Symmetric NAT, or Full-Cone NAT if available

  • Avoid double NAT (e.g., modem + separate NAT router)

  • Do not port forward SIP or RTP ports unless explicitly instructed by VentureTel support

  • Avoid static NAT unless using an advanced multi-phone deployment

🌐 DNS and NTP Recommendations

  • Use a reliable public DNS like 1.1.1.1 (Cloudflare) or 8.8.8.8 (Google)

  • Enable NTP for time synchronization

📞 Quality of Service (QoS)

  • Prioritize:

    • UDP 5060–5080 (SIP signaling)

    • UDP 10000–20000 (RTP audio)

  • If router supports DSCP tagging:

    • EF (46) for RTP

    • AF31 for SIP (optional)

  • Consider isolating VoIP devices on a dedicated VLAN

📱 Supported Devices & Provisioning

  • Auto-provisioning available via secure HTTPS

  • Ensure outbound access to TCP/UDP 443 for provisioning

  • Phones must be able to resolve hostnames via DNS

🧪 Troubleshooting Common Issues

SymptomLikely CauseFixOne-way audioRTP blocked or SIP ALG activeDisable SIP ALG, verify UDP 10000–20000 outboundCall drops after a few secondsNAT timeout or firewall interferenceExtend UDP session timers, disable ALGPhone won’t registerSIP ports blocked, DNS issueOpen UDP 5060–5080 outbound, check DNSChoppy or delayed audioBandwidth congestionEnable QoS for SIP/RTP traffic