Hi Everyone!
This is my first post, sorry if i'm in the wrong category.
I have a problem with VoIP over SD-WAN. Let me explain
FG50E With 6.2.3 , A telephone exchange who manage all the SIP traffic and register to a cloud server (from now on SBC).
I have 1 ISP Provider who provide FIber (WAN1) and ADSL (WAN2) (Backup line)
It was doing great for 2 months (was 6.2.1), data and VPN over WAN1 and VoIP over WAN2, but one day all the telephones stopped working, no inboud call and no outgoing call. After hours of troubleshooting we noticed that if we move all VoIP traffic to WAN1 the SBC start registering again and everything started working so we did this to let our client work.
Now even if I created a SD-WAN rule to force SBC (and all VOIP traffic) over WAN2. The weird thing is despite this rule and despite it shows that the SBC is using WAN2 (in fortiview), from a packet capture i see that only some UDP packet use WAN2 and everthing else (SIP,RTP) is using WAN1!
The problem is, if WAN1 stopped working the VoIP won't work with WAN2 (i've managed even try to disable WAN1 and let everything on WAN2 but nothing happened and VoIP still don't work).
https://kb.fortinet.com/kb/viewContent.do?externalId=FD36405&sliceId=1 this was done since beginning
Now as i said I upgraded to 6.2.3 (which is more stable than 6.2.1)
https://www.reddit.com/r/fortinet/comments/ccbo0l/voip_phones_and_sd_wan_mystery/ i found this that is similar i think.
Sorry for being a bit confusional, i have fever too so thanks everyon who can help!
Since you already disabled SIP session-helper&ALG, likely the SD-WAN is causing the symptom. Your description was not clear about the timings when VoIP stopped working and when you upgraded it to 6.2.3. Did you upgraded after it stopped working?
For virtually all SD-WAN issues, without seeing actual config for rules and routing-table, and debugging output at the time, then eventually sniffing the traffic on the interface, it's very difficult to even guess what's going on. Besides, when I tried upgrading my home 50E from 6.0.7 to 6.2.3 it was somewhat unstable, so I immediately went back (actually upgraded to 6.0.8 after that).
So, your best chance is to let TAC look at it by opening a ticket. Another SD-WAN case in the forum, they changed OP's set-up to mitigate a bug.
Hey,
I have the same problem of forcing specific traffic to a particular SD-WAN interface. Manual interface selection is ignored. I have a ticket, I will inform you.
Jirka
Is your case 6.2.3 as well?
Yes, 6.2.3 on 100E
sigmasoftcz wrote:Any news?Hey,
I have the same problem of forcing specific traffic to a particular SD-WAN interface. Manual interface selection is ignored. I have a ticket, I will inform you.
Jirka
supportombm wrote:sigmasoftcz wrote:Any news?Hey,
I have the same problem of forcing specific traffic to a particular SD-WAN interface. Manual interface selection is ignored. I have a ticket, I will inform you.
Jirka
No. They still searching and debugging
Jirka
sigmasoftcz wrote:supportombm wrote:sigmasoftcz wrote:Any news?Hey,
I have the same problem of forcing specific traffic to a particular SD-WAN interface. Manual interface selection is ignored. I have a ticket, I will inform you.
Jirka
No. They still searching and debugging
Jirka
Downgraded to 6.0.6 problem still occurs... i'm gonna give a try to install a new one.
sigmasoftcz wrote:supportombm wrote:sigmasoftcz wrote:Any news?Hey,
I have the same problem of forcing specific traffic to a particular SD-WAN interface. Manual interface selection is ignored. I have a ticket, I will inform you.
Jirka
No. They still searching and debugging
Any news now?
Jirka
Still having the same issue? Could you solve the Problem?
We have the same.
BR
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.