Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Tazio
New Contributor III

Opening some ports on Fortnet 100F

Hi,

We are having a new phone system which is 3CX. I have been asked to open some ports.I am not sure how to do that.

There is a manual from the 3CX vendor but it is for 80C.

Can someone help me please.

(1)Disable SIP ALG

(2)

 

Screenshot 1.pngScreenshot2.pngScreenshot3.png

 

 

 

 

Thanks

Tazio

 

 

3 REPLIES 3
jackpr
New Contributor

Hi,

 

Sure.

 

This is my cheat sheet. Be warned, please verify you are deleting SIP, RAS, and H323 and these match the numbers below. They usually do.

 

To verify:

config system session-helper

show full

 

Verify that SIP, RAS and H323 are 13, 3 and 2 as mentioned below. If so, proceed as follows:

 

config system session-helper
delete 13
delete 3
delete 2
end
 
##disable sip helper and nat trace
 
config system settings
set sip-helper disable end
set sip-nat-trace disable end
end
 
#edit voip profile
 
config voip profile
edit default config
sip set status disable
end
 
- Flush ARP cache (warning - this may cause some network disruption temporarily) 
execute clear system arp table
rtichkule
Staff
Staff

Hello Tazio,

 

Please refer below document which would help in opening the ports in fortigate.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-open-a-port/ta-p/191003

 

BR

tthrilok
Staff
Staff

Hi Tazio,

 

Thank you for the query!

 

As per the topology I understand in your scenario firewall will be acting as a NAT device for your H323 traffic. In this case, you want to know how to create a NAT rule to route your traffic received on public IP to your internal server with private IP.

 

You may refer the below article:

 

>> https://community.fortinet.com/t5/FortiGate/Technical-Tip-Virtual-IP-VIP-port-forwarding-configurati...

 

+ Let us know if the above helps or needed any assistance!

 

Thank you!