Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Unconfigured VoIP Functionality on XGS 116 – Assistance Needed

I am reaching out regarding an XGS 116 recently purchased by a client. Interestingly, VoIP functionality—both inbound and outbound—is fully operational without any specific configurations applied to the device for the VoIP provider. There are currently no rules or settings in place that should facilitate this level of connectivity.

The client utilizes an on-site Sangoma SwitchVox system, with NexVortex as the VoIP provider. I would appreciate any insights or guidance on how this configuration could be working as-is and whether there are default settings or protocols that may be enabling this functionality.

Thank you for your assistance.

Best regards,
JS



Added TAGs
[edited by: Erick Jan at 11:42 PM (GMT -8) on 3 Nov 2024]
Parents
  • Hi,

    which rule is the traffic passing through? Please posts copy of that rule.

    ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • The traffic is passing through the default network policy, which permits unrestricted LAN to WAN connections (any-to-any). At present, only two policies are in place: the default network policy and a "drop all" policy. Our PBX is successfully registered to IP address 104.xx.xx.xx, and inbound calls are functioning without issues. However, some inbound VoIP traffic from IP address 67.xx.xx.xx is being permitted by the default network policy, as indicated in the XGS log.

    The company is transitioning from CheckPoint to Sophos, this may be the issue. The CheckPoint configurations required specific inbound rules to reach the PBX and internal phones, which could differ from Sophos's approach.

Reply
  • The traffic is passing through the default network policy, which permits unrestricted LAN to WAN connections (any-to-any). At present, only two policies are in place: the default network policy and a "drop all" policy. Our PBX is successfully registered to IP address 104.xx.xx.xx, and inbound calls are functioning without issues. However, some inbound VoIP traffic from IP address 67.xx.xx.xx is being permitted by the default network policy, as indicated in the XGS log.

    The company is transitioning from CheckPoint to Sophos, this may be the issue. The CheckPoint configurations required specific inbound rules to reach the PBX and internal phones, which could differ from Sophos's approach.

Children