I have a problem with the 3cx system at my company. I switched from a Sophos SG to the XGS (UTM210 to XGS2100).
The telephony works partly wonderful, but partly not.
I first have a DNAT rule that says that all required ports for the 3cx are released on an additional IP address on the WAN interface. The access to the 3cx works fine from the outside.Otherwise the 3cx has an Any rule without filter in the direction of the WAN. I have attached screenshots.
Now it is unfortunately so that for inexplicable reasons between through calls become one-sided, or break off completely. The SIP trunk is not disconnected and no re-registration is performed. In the log I can not see what is blocked or dropped. I have also assigned the profile "VoIP Guarantee" to the 3cx, so that the system has guaranteed bandwidths and is not throttled. IPS and ATP (Advanced Protection) are also turned off or the 3cx phone system is excluded.
SIP ALG is also turned off and the UDP Time-Out Time is set to 150ms.
The system version I have is SFOS 19.0.0 GA-Build317.
have you tried to create a linked SNAT Rule for your outgoing Firewall rule?