Category: Network & Firewalls
Network & Firewall Requirements for VentureTel VoIP Services
To ensure optimal call quality and reliable connectivity with VentureTel's VoIP services, a stable high-speed internet connection with low latency and jitter is required. Sufficient bandwidth for simultaneous calls and proper router/firewall configuration are also necessary. The network firewall or router must allow outbound access to specific ports and protocols, including UDP 5060-5080 for SIP signaling and UDP 10000-20000 for RTP audio. Additionally, disabling SIP ALG and configuring Quality of Service (QoS) settings can help prevent common issues such as one-way audio and call drops.
To ensure optimal call quality, reliable connectivity, and trouble-free service with VentureTel’s VoIP platform, your local network and firewall must be configured correctly. This guide outlines both required settings and best practices for using VentureTel phones, softphones, and other VoIP devices.
📌 Basic Requirements
Your network should meet the following minimum standards:
Stable high-speed internet connection with low latency and minimal jitter
Sufficient bandwidth — approximately 100 kbps per call (up and down)
Properly configured router and firewall (details below)
🔧 Firewall & Router Configuration
Your firewall or router must allow outbound access to specific ports and protocols so devices can register and send/receive audio with VentureTel’s cloud-based platform.
Important Note:
In most environments, phones initiate outbound connections to VentureTel servers. This creates a NAT mapping that allows return traffic automatically — meaning you typically do NOT need inbound port forwarding unless specifically instructed by VentureTel support.
🚪 Required Outbound Ports
Protocol | Ports | Direction | Purpose |
|---|---|---|---|
UDP | 5060–5080 | Outbound | SIP signaling |
UDP | 10000–20000 | Outbound | RTP (voice media/audio) |
TCP | 5061 | Outbound | Secure SIP (TLS, if used) |
TCP/UDP | 443 | Outbound | Provisioning & web portal |
UDP | 123 | Outbound | NTP time synchronization (optional) |
UDP | 53 | Outbound | DNS lookups |
⚠️ Disable SIP ALG (Application Layer Gateway)
Many routers include SIP ALG, which modifies VoIP traffic and often breaks calls. This can cause:
Dropped or failed calls
One-way audio
Registration problems
Best Practice: Turn SIP ALG OFF everywhere
Common locations by vendor:
Netgear: WAN settings → Disable SIP ALG
Ubiquiti (UniFi): Disable “SIP Helper” and “SIP ALG”
SonicWall: Disable SIP Transformations
Cisco/Linksys: Look for “SIP ALG” or “SPI Firewall” and disable
🔄 NAT & Port Forwarding
Recommended settings:
Use Consistent NAT, Symmetric NAT, or Full-Cone NAT if available
Avoid double NAT (e.g., ISP modem + separate router both doing NAT)
Do NOT port forward SIP or RTP ports unless VentureTel explicitly requests it
Avoid static NAT unless using an advanced multi-phone deployment
🌐 DNS & Time (NTP) Recommendations
Use reliable DNS servers such as:
1.1.1.1 (Cloudflare)
8.8.8.8 (Google)
Enable NTP for accurate time synchronization
📞 Quality of Service (QoS)
If your router supports QoS, prioritize:
UDP 5060–5080 (SIP signaling)
UDP 10000–20000 (RTP audio)
If your network supports DSCP tagging:
EF (46) for RTP audio
AF31 for SIP signaling (optional)
For larger deployments, consider placing phones on a dedicated VoIP VLAN.
📱 Device Provisioning
Auto-provisioning is delivered via HTTPS
Ensure outbound access to TCP/UDP 443
Phones must be able to resolve hostnames using DNS
🧪 Troubleshooting Common Issues
Symptom | Likely Cause | Fix |
|---|---|---|
One-way audio | RTP blocked or SIP ALG enabled | Disable SIP ALG; allow UDP 10000–20000 outbound |
Call drops after a few seconds | NAT timeout or firewall interference | Increase UDP session timers; disable SIP ALG |
Phone won’t register | SIP ports blocked or DNS issue | Open UDP 5060–5080 outbound; verify DNS |
Choppy or delayed audio | Bandwidth congestion | Enable QoS for SIP/RTP traffic |