How to configure P2P connection through Sophos Firewall.
Today we are going to share with all of you that how to configure P2P connection for VOIP Phone via Sophos Firewall. To configure all step should be clear and concept about network that what is LAN interface, IP Address, WAN interface and how data will travel and make connection between two different network.
But make sure these steps are followed by Client end when you have not any VOIP Server and third party provided you through Physical Cable or Antina. They give you their Gateway IP Address and all the setting will be implemented according to that.
Scenario:
A and B interface reserved for two ISP such as Airtel and TATA
LAN Interface C - 192.168.0.0/24 - Physical Network
WAN Interface D – 192.168.5.0/24 - Physical Network
VOIP Server – 192.168.98.100 (192.168.98.0/24) - Service Provider Network
IP Phone IP address – 172.18.1.0/24 - VOIP Network
Require steps to make P2P connection through Sophos:
1. Need to create Alias on Lan Interface such as Interface C and assign IP Address (i.e 172.18.1.1 network)
2. Need to Assign IP Address on WAN Interface D and Gateway (i.e Interface IP Address
-192.168.5.1 and Gateway IP Address – 192.168.5.2
3. Need to create two Firewall rule 1st is LAN to WAN and WAN to LAN
4. Need to create Static Route through Firewall
5. Need to Assign IP Address on IP Phone and configure Properly such as SIP ID, User Name, Authentication ID and Password.
Please follow mentioned above step by step to configure P2P connection for VOIP Phone.
Step 1: - Go on Network > Click on Add Interface > Add Alias > Select Interface C on which must create Alias (such as Interface C) > Checkmark on IPv4 > Assign IP Address such as 172.18.1.1 > Select subnet Mask (such as 255.255.255.0).
Step 2: - Go to Network > Click on Port D interface > Select Network Zone (WAN) > Check mark on Static IP > Assign IP address and Subnet (192.168.5.1 and 255.255.255.0)
Click on Routing > Click on Gateways Tab > Click on Add > Give Gateway Name (VOIP_Gateway) > Assign IP address (192.168.5.2) > Select Interface C > Checkmark on Active > Give Weight 1 > Select Default NAT Policy (MASQ) > Click on Save.
Step 3: - Click on Firewall > Add Firewall Rule > Click on User/network Rule > Give Rule Name (VOIP_LAN to WAN) > Select Source Zones (LAN) > Select Source Networks and Devices (172.18.1.0) > select Destination Zone (WAN) > Select Destination networks (192.168.98.0) > Select Services Any > Select Primary Gateway (192.168.5.2)
Note: - Don’t Select NAT policy.
Step 4: - Click on Firewall > Add Firewall Rule > Click on User/network Rule > Give Rule Name (VOIP_WAN to LAN) > Select Source Zones (WAN) > Select Source Networks and Devices (172.168.98.0) > select Destination Zone (LAN) > Select Destination networks (172.18.1.0) > Select Services Any > Select Primary Gateway (192.168.5.2)
Note: - Don’t Select NAT policy.
Step 5: - Click Routing > Click on Static Routing Tab > Click on Add in Unicast routing IPv4 > Assign Destination IP/ Netmask (192.168.98.0 Subnet 255.255.255.0) > Assign Gateway IP Address (192.168.5.2) > Select Interface such as Interface C (192.168.5.1 255.255.255.0) > Give Distance Value 0 > Click on Save.
0 comments:
Post a Comment