Google Mesh Wifi with FortiGate firewall

Forum|Forum|4 years ago
December 1, 2021
1 reply
2429 views

Hello

Is it possible to use Google Mesh Wifi with FortiGate firewall and avoid double NAT?
We have Google Mesh (3 APs) connected to the network with FortiGate 61F and it works fine for normal Internet access but the problem is with Wi-Fi Calling on mobile devices - due to the double NAT WiFi Calling does not work but it's really important feature for the office users.

Thank you in advance.

FortiGate

AlexC-FTNT

Staff

*** This is not a recommendation regarding a specific router brand, and I have no experience with Google Mesh ***

Voice calls (SIP) perform an RTP port 'negotiation' through the SDP header. The double-NAT is not a problem as long as the first NAT device (Google Mesh in your case) is not SIP-aware (meaning that it sees the SIP packet and adjusts the SDP header). If you have this possibility, disable any SIP related features on the local router.
On the FortiGate, make sure the default settings are used (SIP-ALG is enabled).
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Enabling-the-SIP-Application-Layer-Gateway-ALG/ta-p/192004?externalID=FD33271

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded