This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Faulty Secondary link causes Phone's to disconnect.

HI All,

I have a issue at one of my client running a UTM SG310 unit. This is regarding their VOIP using hosted PBX (2 different providers as there are 2 entities on 1 utm)  

Let me just give you all the info to explain the issue.

Physical setup

2 Wan connections Separate ISP's

Uplink interfaces

Primary 300Mbps Fiber (weight 100) - Latency to 8.8.8.8, 1MS

Secondary 100Mbps Radio link  (weight 80) -  Latency to 8.8.8.8, 8-12MS

Lan > 172.16.0.0/22

Phone vlan17 (phones) 192.168.243.0/24 GW> UTM > DNS 172.16.0.170 (DC) - QOS set  Firewall rules only allows connections to the Hosted PBX (any service) Second Firewall rule allows DNS and Time server to DC 172.16.0.170. This is also the DHCP server.

Phone Vlan 2 (phones) 192.168.250.0/24 GW> UTM > DNS 172.16.0.170 (DC) - QOS set Firewall rules only allows connections to the Hosted PBX (any service) Second Firewall rule allows DNS and Time server to DC 172.16.0.170. This is also the DHCP server.

Vlan 2 and 17 is set to bypass IPS, SIP ALG Disabled. 

This is 2 separate BPX providers for 2 entities using the same firewall. 

Multipath rules for both is set to Use Primary link. Only skip rule if interface is in error. 

Masquerading For both Vlan interfaces is set to Uplink interfaces. 

There are more interface rules but does this matter does not involve them.

The Cause of issue.

The Secondary Link is "flapping" ISP is investigating matter. (link goes down randomly between 20 Sec and up to 10 Min) 

Primary Link stable.

The issue.

When the secondary link Goes offline, a lot of the phones will randomly discconect from the hosted PABX providers. Both vlan 2 and 17. 

They will reconnect but takes some time. This happens each time the secondary link drops. *primary is up and stable

When i monitor by interface, there are no traffic goin to the secondary link from any of these 2 vlans. 

What i have tried.

I have changed the Masquerading to force both Vlans to the primary link.

I have changed the LAN also to only connect over primary

The only time the issue goes away, is when we physically unplug or turn off the interface on the UTM. 

The ISP is working in resolving the matter on their end. however it should not cause the phones to go offline.

Any suggestions as to what i have misconfigured. 



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to the Community! 

    Do you have both the interfaces added to the Active interface under Uplink Balancing? If yes, I'd suggest you configure a Multipath rule with services(Ports) that the phone system communicates with and bind the rule to the working interface. Once the second ISP resolves the issue, you can turn off or delete the multipath rule.

    More information: 

    Thanks,

  • Hi There,

    Thank you for your reply.

    I have both links as active. the primary is set to weight 100 and secondary to 80. 

    I have indeed configured Multipath rules as seen. 

    Both Vlan 2 and 17 is configured this way. (cipherwave-300 is my primary line)

    Destination is the VPBX provider.

    That is why I am so confused as to why this is happening. 

    I went as far to force the Masquerading only to the primary link. Same result.

    Any suggestions? 

Reply
  • Hi There,

    Thank you for your reply.

    I have both links as active. the primary is set to weight 100 and secondary to 80. 

    I have indeed configured Multipath rules as seen. 

    Both Vlan 2 and 17 is configured this way. (cipherwave-300 is my primary line)

    Destination is the VPBX provider.

    That is why I am so confused as to why this is happening. 

    I went as far to force the Masquerading only to the primary link. Same result.

    Any suggestions? 

Children