Hi All, I wanted to seek some advice from the community to make sure i'm not missing anything before i contact Sophos Support. We are going through a rollout of about 11 of these firewalls at branch offices. ranging from XG125 down to XG85. So far we have installed 1x 125 1x105 and 2x85. When it comes to VOIP phones which are onsite they all connect to a hosted provider out on the 'cloud'. Network wise we physically split them out from the data network using an interface on the XG device or we use a VLAN. All outbound rules for VOIP traffic are done on a zone basis to define the source zone to the WAN to avoid the HTTP/S scanning in other rules which include the 'LAN' zone. the sip module is disabled using 'system system_modules_sip unload' all devices have a QoS policy applied the outbound rule for voip traffic ensure it is the highest priority and guaranteeing at least 10Mbps in some cases. All device WAN links are via BT open reach VDSL modems, so no double NAT or asymmetric routing. the only exception to this is the 125 which is connected to an EFM leased line. The problem: one way audio inbound or outbound randomly. calls not transferring inbound or outbound calls not completing. The hosted VOIP provider has reported that their systems see the phones registering and unregistering repeatedly. Interestingly..... The XG125 has roughly 30 phones going through it without issue. it's the 105s and 85s which seem to be causing me sleepless nights. the 105s have no more than 7 phones going through them and 85s have no more than 4 phones going through them. Any advice would be greatly appreciated. I'll endeavour to provide any information requested.
↧