Good Day,
First off yes RTP is a UDP type. I have been working with a level two tech at Fortinet for 3 week and we can not figure this out. Let me explain.
We have remote workers that connect their IP phone via the public Internet to the PDX on the LAN side of the firewall. There is a working VIP and security policy and the phone can make and receive calls. The issues is that our call recording appliance is port mirrored to the LAN interface and starts recording if it see a defined MAC address of a phone and RTP traffic.
I have captured data and on the WAN side in Wireshark I see RTP traffic. However on the LAN side the packet in Wireshark is displayed as UDP. Our call recording appliance does not recognize this traffic and therefor does not record.
I can reproduce this with other customers.
I have attached an image of the same packet as it enters the WAN interface and as it leaves the LAN interface for reference.
We have verified that the session-helpers are off.
User | Count |
---|---|
2552 | |
1356 | |
795 | |
646 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.