Switchvox phone issues

whoolly

Hello all, maybe someone here can help us out.
We have a client who connects to our Switchvox system by registering their phones over the internet to our phone server.
Sometimes, it seems kinda random, you can't make calls from one desk to another, the call will ring twice and then go to voicemail, other times it works fine.
Sometimes the same thing happens when you transfer a call. The person you are transferring to never has their phone ring, and the call goes to VM.
Sometimes when leaving a voicemail, it never actually records the message.
Again, all of this is sometimes ...
It does seem however, that when you call someone and it fails, if you immediately call them again, it works several times in a row.
This client used to be our WAN and the phones registered that way, and never had an issue.
Now, they outsourced their IT, and got another internet connection that they are using through a SonicWall appliance, so all the phones were switched to register to the public IP of our phone server over their new internet connection.
Outgoing calls from the system always seems to work fine.
The issue seemed to be that the packets being sent to the phones just again sometimes don't get there. The vendor's IT worked with Sonicwall and changed some NAT rules and some UDP settings, and that seemed to alleviate for a day, but now the issue is back.
Our phone server sits behind a Cisco ASA with a public IP NAT.
Anyone have any ideas?

gjacobse

First guess... only one of two ports needed are being passed.

gjacobse

Tagging:
@JaredBusch
@scottalanmiller

scottalanmiller

Any chance that SIP-ALG is still on on that SonicWall? SonicWalls are infamous for breaking SIP communications.

whoolly

@scottalanmiller

Hey SAM, I sent the vendor a link to the Digium SonicWall reference, http://support.digium.com/articles/FAQ/What-Are-Relevant-Sonicwall-Settings-for-Switchvox?popup=false
I will ask about the SIP-ALG.
thanks as always.

scottalanmiller

@whoolly said in Switchvox phone issues:

@scottalanmiller

Hey SAM, I sent the vendor a link to the Digium SonicWall reference, http://support.digium.com/articles/FAQ/What-Are-Relevant-Sonicwall-Settings-for-Switchvox?popup=false
I will ask about the SIP-ALG.
thanks as always.

Often it is cheaper to replace a SonicWall with higher end enterprise gear than it is to work on the existing box. That's not a stretch, that's real world. A higher end system is about $95 from Ubiquiti that doesn't have the same VoIP problems. So if the hourly billing to work on the SonicWall approaches $95 (plus the time to install the replacement) it can end up being worlds cheaper to just replace it than to fix it.

JaredBusch

Typically people buy SonicWall and such for the UTM functionality. these functions will also break things.

JaredBusch

@scottalanmiller said in Switchvox phone issues:

@whoolly said in Switchvox phone issues:

@scottalanmiller

Hey SAM, I sent the vendor a link to the Digium SonicWall reference, http://support.digium.com/articles/FAQ/What-Are-Relevant-Sonicwall-Settings-for-Switchvox?popup=false
I will ask about the SIP-ALG.
thanks as always.

Often it is cheaper to replace a SonicWall with higher end enterprise gear than it is to work on the existing box. That's not a stretch, that's real world. A higher end system is about $95 from Ubiquiti that doesn't have the same VoIP problems. So if the hourly billing to work on the SonicWall approaches $95 (plus the time to install the replacement) it can end up being worlds cheaper to just replace it than to fix it.

Not his problem.

Said company hired a third party ITSP to mangle it. It is their problem.

scottalanmiller

@jaredbusch said in Switchvox phone issues:

@scottalanmiller said in Switchvox phone issues:

@whoolly said in Switchvox phone issues:

@scottalanmiller

Hey SAM, I sent the vendor a link to the Digium SonicWall reference, http://support.digium.com/articles/FAQ/What-Are-Relevant-Sonicwall-Settings-for-Switchvox?popup=false
I will ask about the SIP-ALG.
thanks as always.

Often it is cheaper to replace a SonicWall with higher end enterprise gear than it is to work on the existing box. That's not a stretch, that's real world. A higher end system is about $95 from Ubiquiti that doesn't have the same VoIP problems. So if the hourly billing to work on the SonicWall approaches $95 (plus the time to install the replacement) it can end up being worlds cheaper to just replace it than to fix it.

Not his problem.

Said company hired a third party ITSP to mangle it. It is their problem.

Often cheaper to replace the ITSP in that case, too

whoolly

Thanks everyone, after getting the vendor all of Digium's sonic wall reference, they made all the changes and things so far appear to be back to normal.

JaredBusch

@whoolly said in Switchvox phone issues:

Thanks everyone, after getting the vendor all of Digium's sonic wall reference, they made all the changes and things so far appear to be back to normal.

Good to hear.

whoolly

Apparently spoke too soon.
The vendor providing the Sonicwall and the client are now saying same issues again.
You will call from one extension to another and it will ring twice and go to VM.
Sometimes this happens a couple of times before the call will go through.
firewall provider says that they have made all of the switchvox recommended settings.
So any other ideas?
I will try to coordinate a call between Switchvox support and the Sonicwall provider.

scottalanmiller

Could be UDP threshold settings.

whoolly

They told me that they changed it to 3600 instead of 30s.
They also said that Sonicwall told them that they had to have a NAT statement to translate my phone servers public IP into something on their network, so they are translating it to the IP of on of their switches.
That doesn't make any sense to me at all.
I have a little meraki firewall that we use for a spare cable modem connection, i put 2 phones onto that and registered the phones and have not had any issues.

scottalanmiller

@whoolly said in Switchvox phone issues:

They told me that they changed it to 3600 instead of 30s.
They also said that Sonicwall told them that they had to have a NAT statement to translate my phone servers public IP into something on their network, so they are translating it to the IP of on of their switches.
That doesn't make any sense to me at all.
I have a little meraki firewall that we use for a spare cable modem connection, i put 2 phones onto that and registered the phones and have not had any issues.

Yup, if you are paying anything for the support and this is not already all included, I highly recommend the tiny cost of buying a Ubiquiti and replacing the SonicWall. This won't just fix this one little issue, but remove technical debt and deal with issues like this long into the future.

whoolly

Client will not replace the Sonicwall and insists that they do this all the time and never have any voip issues with Sonicwall. They now want to do a L2L VPN tunnel for the voice network back to the internal IP of our PBX. I would rather not do this, but the boss wants the issue resolved.
As I said before, they are trying to do a NAT of my public IP of my PBX to the internal IP of one of their layer 2 switches .. why ... I dunno.
I am no network guru in any stretch, but this doesn't seem right at all.
see below quote from client and sonic wall

"Spoke with another Sonicwall support engineer regarding Sonicwall ticket #42488945, the VoIP phone system issue. The Sonicwall engineer noted that when traffic is initiated by the external PBX (SwitchVOX at SC Boro) the destination port is a random port number anywhere in the 10,000’s range. The Sonicwall, as it is currently configured, properly allows and forwards this traffic to the Internal SCboro Gateway which is one of the Cisco SF300 switches at 10.1.8.6. This switch does not know where to forward the traffic for this destination port. The Sonicwall engineer stated that there would have to be an internal voice server that could interpret the destination ports and forward the voice traffic to the appropriate VoIP phone, or the external SwitchVOX would have to bind the destination ports with the VoIP phone extensions."

Do you have any suggestions on where to go next?

FATeknollogee

Have you checked the "port translation" on the Sonicwall?

whoolly

I don't have any access to the Sonicwall, and am not familiar with their setup.
I can ask the vendor, what specifically should they be looking at?

Dashrender

Sounds like you need to Fire your vendor.

FATeknollogee

@whoolly said in Switchvox phone issues:

I don't have any access to the Sonicwall, and am not familiar with their setup.
I can ask the vendor, what specifically should they be looking at?

Sonicwall has a feature (that is on by default) called "port translation".
Data comes in on port x, data exits on port x+1.
This causes problems for SIP traffic.