Similar to this thread : https://forum.fortinet.com/tm.aspx?m=167064
Our setup :
2xFG200E, A-P Cluster, v5.6.6
All VoIP/SIP/RTP Engines is disabled (as faar as we know how) as
config system settings
set sip-helper disable
set sip-nat-trace disable
set default-voip-alg-mode kernel-helper-based
end
delete the SIP session helper (#13 in our setup)
Our Issue :
We have around 10000 calls during a normal day
On a small percentage of these calls the sound from the Caller is just gone in the middle av the call.
The RTP stream is not present. Sometimes it´s back after 5-25 seconds.
Using Wireshark and mirror ports on our switches we can see that; * For "no reason at all" it stops forwarding RTP packages * The incoming RTP frames are seen on incoming interface, but not on the outgoing. * When the Sequence Number rollover from 65535 to 0 in the RTP stream, it starts working OK again! We cannot see any differences with the last few UDP / RTP frames or the first frame that is not forwarded. We have created an Fortigate Ticket today.
Do u see the same issue?
Is it possible to Disable the RTP engine inside the Fortigate even more?
We don' t use the SIP Proxy, but could this really start working better if we use all the VoIP/SIP/RTP engines in the Fortigate? Those parts of the firewall has caused other issues back in the days.
Johan Lysen Consulting AB Johan Lysen, Johan@Lysen.nu Byvagen 87, 832 46 FROSON Mobile: +46 70 6009221
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1502 | |
1011 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.