FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 308641

This article describes how to resolve VoIP audio issues caused by packet loss while using FortiGate.

Scope FortiGate v7.4, v7.2, v6.4.

If packet loss is causing VoIP audio issues and/or registration issues while using DoS policies, use the following command to see if VoIP trunk or PBX appears in the command output or in the anomaly logs:


diag ips anomaly list


The reason this occurs is because UDP VoIP uses a lot of UDP packets. This can create a false positive due to the number exceeding the default DoS policy threshold and dropping important VoIP packets.  


For example:




To fix the issue, increase the UDP thresholds in the DoS policies.


For example:




Related documents:

Technical Tip: Disabling VoIP Inspection.

DoS protection - FortiGate cookbook.