Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
support_voxia
New Contributor

Created on ‎03-24-2016 04:08 AM

Problem With Firewall FortiGate 90D, Causes our voip systems to crash

         

Hello fortinent support, we have FortiGate 90D as our firewall for our voip systems.

Since we have installed it, we experience network issues that cause real problems on our asterisk based voip systems.

Turns out that something else in our network that is taking over your systems's IPs, and seems like a routing problem that its been caused from the firewall.

We see two symptoms for this:

1 - Every week or so one of the VPSes is disconnecting calls after 6 seconds - we see a system notification and arp that shows something else in the network is using the IP of the relevant VPS.

 

[left]WARNING[19218]: chan_sip.c:3824 retrans_pkt: Retransmission timeout reached on transmission 805816439_92794992@82..166.66..147 for seqno 30155 (Critical Response) -- See https://wiki.asterisk.org/wiki/display/AST/SIP+Retransmissions Packet timed out after 6400ms with no response [Mar 1 15:18:39] WARNING[19218]: chan_sip.c:3853 retrans_pkt: Hanging up call 805816439_92794992@82.166.66.147 - no reply to our critical packet (see https://wiki.asterisk..org/wiki/display/AST/SIP+Retransmissions). -- User disconnected  [/left]

 

2 - we see in monitor of VPSes behind this FW that some extensions are registered with the Gatreway IP (199.203.181.241) - see print screen:

 

      MonitorTransferHangupReboot No refresh 1 sec 3 sec 5 sec 10 sec 15 sec 20 sec 25 sec 30 sec 35 sec 40 sec 45 sec 50 sec 55 sec 1 min  ALL SIP  ALL Online Offline  ALL J  NameExtensionIP addressStatusUser-AgentOn Call501SIP/50182.81.8.7:1027OnlineYealink SIP-T19P 31.72.18.3 502SIP/50282.81.8.7:1028OnlineYealink SIP-T19P 31.72.18.3 503SIP/50382.81.8.7:1030OnlineYealink SIP-T19P 31.72.18.3 504SIP/50482.81.8.7:1026OnlineYealink SIP-T19P 31.72.18.3 505SIP/50582.81.8.7:1029OnlineYealink SIP-T19P 31.72.18.3 506SIP/50682.81.8.7:1025OnlineYealink SIP-T19P 31.72.18.3 
3080
0 Kudos
1 REPLY 1
echo
Contributor II

Created on ‎04-01-2016 04:05 AM

Are you sure the internet connection itself, cabling, port speed and duplex are all OK? Any monitoring set up there? Any user using the same internet behind that router (also kind of monitoring)? The newest firmware installed to FGT?

 

Another thing, have you turned off sip completely in FGT? When I do this, I do this in three different default configuration places from CLI.

 

Is the DHCP server in FGT? Is it possible that there are some wireless profiles defined and in use? Does DHCP-server monitoring in FGT show any IP conflicts?

936
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.