FW Gold -> Watchguard for SIP Usage
Hello everyone. I just installed my Firewalla Gold yesterday and so far I have been impressed with how things have been working. But one of my main objectives is to get the Firewalla connected to my Watchguard Firewall at the office using the 3rd Party VPN Option and get SIP traffic to work over the tunnel.
I was able to get the 3rd Party VPN connection working within minutes and I have normal HTTP/S traffic and file shares accessible with better speeds even than the Watchguard Mobile VPN Client was able to provide.
However, I have a Polycom SIP phone that I would like to work over that tunnel as well.
I created a VLAN (VLAN20) for the Work VPN Devices. I assigned the 3rd Party VPN to that VLAN as well.
The issue seems to be that although the SIP Phone is able to register with the SIP Server, I cannot make any calls from the phone. I have tried this from the phone itself as well as a Software SIP phone on my laptop with the same results. So it is for sure something with the routing itself as opposed to the phone specifically.
The topology is this:
Work Network: 192.168.1.x/24 (Yes I know it's weird)
Firewalla VLAN 20: 192.168.20.x/24
When connected to the Watchguard via 3rd Party VPN, the gateway becomes 192.168.113.1, which is the Watchguard itself, and the VPN Client on the Firewalla gets assigned a DHCP address within the 192.168.113.x range.
In the past, I was able to use AdvancedTomato on a Netgear Nighthawk and get this exact same setup to work. The only difference was that I was able to define routes whereby all traffic going to 192.168.1.x was forced through the VPN Tunnel. I just don't know if there is a way to define routes like this within the Firewalla, or if this should just happen automatically in the background.
We have quite a few remote users that are still using older IPSEC VPN Routers, but they have been unstable in the past. So I was hoping that Firewalla could provide an easy solution to those routers.
Does anyone have any ideas on why the SIP calls will not go through? Or is this not possible because 3rd Party VPN connections are only 1-way traffic?
Any help is greatly appreciated.