Hello fortinent support, we have FortiGate 90D as our firewall for our voip systems.
Since we have installed it, we experience network issues that cause real problems on our asterisk based voip systems.
Turns out that something else in our network that is taking over your systems's IPs, and seems like a routing problem that its been caused from the firewall.
We see two symptoms for this:
1 - Every week or so one of the VPSes is disconnecting calls after 6 seconds - we see a system notification and arp that shows something else in the network is using the IP of the relevant VPS.
[left]WARNING[19218]: chan_sip.c:3824 retrans_pkt: Retransmission timeout reached on transmission 805816439_92794992@82..166.66..147 for seqno 30155 (Critical Response) -- See https://wiki.asterisk.org/wiki/display/AST/SIP+Retransmissions Packet timed out after 6400ms with no response [Mar 1 15:18:39] WARNING[19218]: chan_sip.c:3853 retrans_pkt: Hanging up call 805816439_92794992@82.166.66.147 - no reply to our critical packet (see https://wiki.asterisk..org/wiki/display/AST/SIP+Retransmissions). -- User disconnected [/left]
2 - we see in monitor of VPSes behind this FW that some extensions are registered with the Gatreway IP (199.203.181.241) - see print screen:
MonitorTransferHangupReboot No refresh 1 sec 3 sec 5 sec 10 sec 15 sec 20 sec 25 sec 30 sec 35 sec 40 sec 45 sec 50 sec 55 sec 1 min ALL SIP ALL Online Offline ALL J NameExtensionIP addressStatusUser-AgentOn Call501SIP/50182.81.8.7:1027OnlineYealink SIP-T19P 31.72.18.3 502SIP/50282.81.8.7:1028OnlineYealink SIP-T19P 31.72.18.3 503SIP/50382.81.8.7:1030OnlineYealink SIP-T19P 31.72.18.3 504SIP/50482.81.8.7:1026OnlineYealink SIP-T19P 31.72.18.3 505SIP/50582.81.8.7:1029OnlineYealink SIP-T19P 31.72.18.3 506SIP/50682.81.8.7:1025OnlineYealink SIP-T19P 31.72.18.3
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Are you sure the internet connection itself, cabling, port speed and duplex are all OK? Any monitoring set up there? Any user using the same internet behind that router (also kind of monitoring)? The newest firmware installed to FGT?
Another thing, have you turned off sip completely in FGT? When I do this, I do this in three different default configuration places from CLI.
Is the DHCP server in FGT? Is it possible that there are some wireless profiles defined and in use? Does DHCP-server monitoring in FGT show any IP conflicts?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1710 | |
1093 | |
752 | |
446 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.