Net2phone SonicWALL configuration

This guide provides detailed instructions for configuring your SonicWALL appliances to ensure all voice traffic for Net2phone services works properly. By following these steps, you'll optimize network settings, create necessary group policies, This will help ensure reliable and high-quality voice communication over your network.

The following Networks and Addresses + Ports Should Be Allowed To Ensure The Best Possible experience With Your net2phone Services.
 

SIP (Signaling) 

TCP & UDP Ports 5060 and 6070 
 

RTP (media) 

TCP & UDP Ports 1000-65500 
 

CIDR Network Ranges:

213.166.96.0 /19
111.235.152.0 /22
204.13.140.0 /22
216.53.0.0 /18
66.33.128.0 /18
206.20.0.0 /16
169.132.0.0 /16
207.202.16.0 /24
 

Individual Host Addresses:

3.95.70.177
52.201.151.226
54.209.90.200
34.233.46.241
34.234.156.107
3.208.48.15

 

IMPORTANT: Changing your firewall's configuration is critical. For more information on configuring your firewall's settings, contact the manufacturer for advanced support.
 

Accessing the SonicWALL GUI:

1. Enter the firewall's IP address in the address bar of your web browser.

NOTE: To learn how to check your firewall's IP address, refer to your firewall's documentation or contact the manufacturer for support.
 

2. Enter your firewall's username and password.
 

Configuring the SonicWALL Firewall Settings:
 

1. Under Firewall Settings/ Flood Protection, change the default UDP Connection Timeout Value from 30 to 300 seconds & ensure that UDP Flood Protection is not Enabled (disabled by default)

2. Go to Network > Services then click Add.
Name: N2P DMZ Ports
Protocol: UDP(17)
Port Range: 1000-65500
Sub-Type: None
 

Name: N2P DMZ Port 1
Protocol: UDP(17)
Port Range: 5060-5060
Sub-Type: None
 

Name: N2P DMZ Port 2
Protocol: UDP(17)
Port Range: 6070-6070
Sub-Type: None
 

On the top of Service Objects page, there should be a "Add Group" icon.

Click on it, Name the Group "N2P Port Group", and select the 3 ports ranges created and bring them over to the right column and press OK.
 

3. Go to Address Objects then click Add.
Name: N2P 1
Zone Assignment: WAN
Type: Network
Network: 213.166.96.0
Netmask: 255.255.224.0
 

Name: N2P 2
Zone Assignment: WAN
Type: Network
Network: 111.235.152.0
Netmask: 255.255.252.0
 

Name: N2P 3
Zone Assignment: WAN
Type: Network
Network: 204.13.140.0
Netmask: 255.255.252.0
 

Name: N2P 4
Zone Assignment: WAN
Type: Network
Network: 216.53.0.0
Netmask: 255.255.192.0
 

Name: N2P 5
Zone Assignment: WAN
Type: Network
Network: 66.33.128.0
Netmask: 255.255.192.0
 

Name: N2P 6
Zone Assignment: WAN
Type: Network
Network: 206.20.0.0
Netmask: 255.255.0.0
 

Name: N2P 7
Zone Assignment: WAN
Type: Network
Network: 169.132.0.0
Netmask: 255.255.0.0
 

Name: N2P 8
Zone Assignment: WAN
Type: Network
Network: 207.202.16.0
Netmask: 255.255.255.0
 

Name: N2P 9
Zone Assignment: WAN
Type: Network
Network: 3.95.70.177
Netmask: 255.255.255.255
 

Name: N2P 10
Zone Assignment: WAN
Type: Network
Network: 52.201.151.226
Netmask: 255.255.255.255
 

Name: N2P 11
Zone Assignment: WAN
Type: Network
Network: 54.209.90.200
Netmask: 255.255.255.255
 

Name: N2P 12
Zone Assignment: WAN
Type: Network
Network: 34.233.46.241
Netmask: 255.255.255.255

Name: N2P 13
Zone Assignment: WAN
Type: Network
Network: 34.234.156.107
Netmask: 255.255.255.255
 

Name: N2P 14
Zone Assignment: WAN
Type: Network
Network: 3.208.48.15
Netmask: 255.255.255.255
 

On the top of Address Objects page, there should be a "Add Group" icon.

Click on it, Name the Group "N2P All Subnets", and select N2P 1-14 and bring them over to the right column and press OK.
 

1. Go to Firewall then click Add.
Action: Allow
From Zone: LAN
To Zone: WAN
Service: N2P Port Group
Source: Any
Destination: N2P All Subnets
Users Allowed: All
Schedule: Always On
Enable  Enable Logging
Enable  Allow Fragmented Packets

Action: Allow
From Zone: WAN
To Zone: LAN
Service: N2P Port Group
Source: N2P All Subnets
Destination: Any
Users Allowed: All
Schedule: Always On
Enable  Enable Logging
Enable  Allow Fragmented Packets
 

2. Go to the VOIP Tab / Settings, General settings Make sure that   Enable Consistent NAT is checked Under SIP settings, make sure that the   Enable SIP Transformation box is unchecked 
 

3. Under the IPS Policies section, Disable IPS Rule 1188 (SIP Session Info) which may interfere with 1XX provisional SIP responses.

 

QOS Settings
 

Bandwidth Management:

1. Go to Firewall Settings >  BWM. 

2. Under Bandwidth Management Type, select  Global.

3. Under Priority, disable  EVERY category, except  Medium. Set values to: Guaranteed: 50% Burst: 90% Enable Realtime and set values to: Guaranteed: 50% Burst: 100% 

4. Click  Accept to save the settings.
 

Link Speed Settings:

1. Go to  Network > Interfaces > X1 (WAN interface) 

2. Click the  Configure icon to the right. 

3. Go to  Advance > Link Speed, and then set to Auto Negotiate > Bandwidth Management (at bottom)... • Check Enable Egress; set interface egress bandwidth to 10000.000000 (type in the upload speed in Kbps from your ISP) • Check Enable Ingress; set interface ingress bandwidth to 10000.000000 (type in the download speed in Kbps from your ISP). 

4. Click  OK to  save the settings.
 

Enabling QOS on Firewall Rules:

1. in the QoS tab DSCP Marking Action : Explicit Explicit DSCP Value : 46 - Expedited Forwarding (EF) > in the Ethernet BWM tab Enable both Inbound and Outbound Bandwidth Management; set both to 0 Realtime.  NOTE: You  MUST do this for the rules you created above for net2phone from WAN to LAN and LAN to WAN. Please ensure you double check the QoS tab for each.
 

IMPORTANT: Please consult your specific manufacturer documentation for an exact "how to" for implementing rules on your particular model/security appliance. These steps were performed on a brand new SonicWALL fresh out of the box and confirmed working. When in doubt - it is always best to reach out to the vendor with any questions.

For a comprehensive guide on configuring a Cisco Meraki please see the following article: Net2phone Cisco Meraki configuration​

• Related Articles

• Net2phone firewall configuration

  If you are experiencing poor call quality or dropped calls with your Net2phone hosted phone system, several factors could be contributing to the problem. The most common issues are often related to your Internet Service Provider (ISP), including ...

• Net2phone Cisco Meraki configuration

  This guide provides detailed instructions for configuring your Meraki appliances to ensure all voice traffic for Net2phone services works properly. By following these steps, you'll optimize network settings, create necessary group policies, add ...

• Net2phone how to point phone numbers

  In the following guide, we will demonstrate how you can route your phone numbers. Phone numbers can be routed directly to team members' phones, voicemail, or to welcome menus, ring groups, departments, and call queues. Step one would be to login to ...

• Net2phone how to forward a phone number

  Below, we will provide instructions on how to forward one of your phone numbers to an external phone number. This practice is useful in case of a power outage or if you don't have access to your phones for any reason. You can forward your main phone ...

• Net2phone how to provision your desk phone

  In the following guide, we will walk you through adding a desk phone to your Net2Phone account and associating it with a user extension. See below for a list of devices available for zero-touch provisioning) Before you begin, please note that if your ...