How do I need to configure my firewall for easybell VoIP and SIP trunking?
The procedure differs depending on which telephony configuration you want to implement. Due to the variety of firewall systems on the market, we have kept the information as precise as necessary, but as general as possible.
No matter which installation variant is involved, it is always an advantage to prioritize the Voice over IP data traffic in the network. Many router and firewall solutions offer the QoS (Quality of Service) function for this purpose, which should be activated and configured for SIP and RTP data if possible.
- NAT (Network Address Translation)
- SIP-ALG (SIP Application-Layer-Gateway)
- IGMP-Snooping (Internet Group Management Protocol Monitor)
- ICMP (Internet Control Message Protocol)
- Never activate port forwarding!
- Restrict the releases for outgoing connections to the internal IPs of the PBX/telephones.
- Restrict the access rights for incoming connections to the registrar used (sip.easybell.de, secure.sip.easybell.de, pbx.easybell.de, secure.pbx.easybell.de).
- Do not connect telephones and telephone systems via WLAN.
- If possible, do not configure telephones in subnets.
- Prioritise VoIP data traffic (QoS).
- Pay attention to the additional notes of the firewall configuration of the telephone system manufacturer.