Altigen PBX setup with sonicwall
Description
Resolution
Introduction
In order to setup an Altigen PBX behind a SonicWall, a number of tasks must be performed, including the creation of a group of services, establishment of an inbound NAT policy and implementation of a firewall access rule.
An Altigen phone system uses a variety of ports, as follows:
- TCP: 10025, 10037, 10050, 10064, 1720, 10032 10027, 10028
- UDP: 69, 5060, 10060, 49152-49211
Â
Setup
Services:
For the above list of ports and protocols, create a Service Object under Firewall>Services and add each created Service Object into a Service Group called "Altigen Services".
Address Object:
Create an address object on the Network > Address Objects page called "Altigen Server" and set the ip address to the ip address of your Altigen server behind the SonicWall appliance.
NAT Policy:
Under Network>Nat Policies, Add the following NAT Policy:
- Original Source: Any
- Translated Source: Origional
- Original Destination: Wan Primary IP
- Translated Destination: Altigen Server
- Original Service: Altigen Services
- Translated Service: Original
- Inbound interface: WAN, X1, or another interface assigned to the WAN zone.
- Outbound Interface: Any
Verify the enable Nat Policy check box is checked.
Â
Access Rule:
Create an inbound access rule under Firewall>Access Rules:
- Select the WAN to LAN ZONE table.
- Add the following Access Rule:
- Source: Any
- Destination: Wan Primary IP
- Service: Altigen Services
- Action: Allow
- Be sure to check the Allow fragmented packets box.
- Click OK.
Â