SIP and Your Firewall

SIP Trunks are supplied to your IP/PBX via the internet connection (PIPE) provided by your Internet Service Provider.  Since this pipe is typically the primary gateway between the wild west of the public internet and your organizations LAN you have a firewall in place to stop unauthorized access into your network.  VoIP/SIP is a more complicated protocol to implement than standard internet traffic. In most instances the current firewall in place will not allow SIP trunks to work.  5 minutes of research on the internet will let you know if your current firewall is “SIP Aware”.  If replacing the current firewalls proves necessary, contact your IP/PBX supplier and ask for a firewall that they have experience with.  This will save money because of the time necessary to learn a new product.  A phased approach to implementing your new SIP Trunks is advised in order to prevent any interruptions in service.  The following steps should insure a smooth transition:

1)  Order the SIP trunks from your existing ISP along with at least 20 extra DID Numbers.

2)  Contact your IP/PBX supplier to purchase any licenses necessary on the IP/PBX to connect the SIP Trunks.

3)  Schedule your IP/PBX supplier to come out on site to make the connection to the SIP trunks.

4)  Advise your IP/PBX supplier that you would like to route all outbound traffic over your new SIP trunks.

5)   Make sure that you are also using at least one of the new SIP trunk DID numbers for inbound calls.

6)  Pay particular attention to any DTMF reception issues.  VoIP, when not configured properly, will have difficulty getting Auto Attendants to recognize touch tone selections.

7)  Once confident that your SIP trunks are free of issues port your existing main number and DID numbers and then disconnect and cancel your POTs line hunt group or ISDN PRI.

Note:  Do not Port any Fax or Modem Lines over to SIP trunks.  Leave them on their individual POT’s lines.

If you are interested in a more detailed analysis of SIP and Firewall issues please read the white paper found at – 36k – 2009-12-31

Craig Hodges



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s