Hi!
Hardware: FG-401E
Firmware: v7.0.5 build0304 (GA)
I have created a policy with no security policies, allowing all destinations and all ports from my LAN to the WWW (we have a L2 device and a L3 device in between with only private IPv4 ACLs and a NAC only for posture evaluation of the endpoints).
I tested using Discord and Discord Canary and I could send text, files and even make Voice Calls but noticed that Video Calls have voice working but only receive 1 frame every 3-5 minutes. So Video calls are working but only 1 frame at the time.
In this policy, I've checked the logs and everything is being allowed to the WWW and being sent to the correct Interface of the FortiGate. I also noticed that Firewall and DNS server resolve all Discord names and wildcards since I compared the results with a working environment connected to a hotspot.
I tested Discord on Win10 and Win11 using the latest version of Discord and with Windows Firewall disabled but I still faced the same issues with Voice Calls.
- Using the same devices connected to a mobile hotspot everything worked fine.
- I was also able to connect the devices directly to the ISP's router and Discord worked fine.
- Since we have another branch office which has the same Firewall model, I also replicated the issue on another site.
Discord uses WebRTC and since I'm using NAT with "Use Outgoing Interface Address" I started to wonder if maybe I should be using a different type of NAT (SNAT, Dynamic NAT, Explicit IP, PAT, etc...)
I also tried disabling Protocol Port Mapping but still got the same issue.
Since I'm no expert, I would like to know if any one with a FG-401E using 7.0.5 firmware has Discord working properly? Or if you have any tips for me that might help?
Thank you in advance!
FortiGate
Created on 05-29-2022 07:34 PM
Hello @Thyruz ,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Fortinet Community Team
Hi ,
1. Can you check if there is any DOS policy configured in the firewall, if possible disable it and test call again.
2. Also did you tried to connect directly to firewall and check if the same issue happening?
Please keep us posted
Hi, apologies for the late reply.
1. There are no DOS policies.
2. I didn't try this since I found out a way around it. (Not solved 100%).
I just had to turn off the settings "Quality of Service High Packet Priority" which can be found on the Discord APP settings "Voice & Videos".
In our case, the solution only solves part of the problem because Discord is working as expected on LAN but not on VPN as "Discord’s desktop client is designed to only work in tandem with VPNs that have UDP."
Thanks again for the help but I guess this is something that can only be solved by Discord.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.