Hot!SIP/RTP issue - FortiGate 100E

Author
padraig2392
New Member
  • Total Posts : 5
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/09/28 07:46:06
  • Status: offline
2018/09/28 07:59:25 (permalink)
0

SIP/RTP issue - FortiGate 100E

Hello,
 
I was wondering if anyone may be able to assist with an ongoing issue I'm experiencing with a client. The client has an internal PBX system and a SIP trunk from a third party which originally had issues with inbound RTP working. 
 
I've gone ahead and managed to rectify the problem with inbound RTP not working and audio now works both ways, although it seems the call cuts off around 5 minutes, 33 seconds each time. This issue seems to have only started since the new FortiGate 100E was installed.
 
The changes I've made were the following:
 
config system settings
set sip-helper disable
set sip-nat-trace disable
set default-voip-alg-mode kernel-helper based
end
 
config system session-helper
delete 12 (this was the voip rule) 
end
 
config voip profile
edit default
config sip
set rtp disable
end
 
diagnose sys session clear
 
Any assistance would be much appreciated.
 
Thanks,
Padraig
post edited by padraig2392 - 2018/09/28 08:07:13
#1

3 Replies Related Threads

    Johan Lysen
    Gold Member
    • Total Posts : 127
    • Scores: 0
    • Reward points: 0
    • Joined: 2004/03/03 11:32:33
    • Location: Ostersund, Sweden
    • Status: offline
    Re: SIP/RTP issue - FortiGate 100E 2018/11/29 07:16:38 (permalink)
    0
    Hi
     
    We have an 200E 5.6.6 with similar problems.
    The build in VoIP/SIP/RTP engines is disabled just about the same as you have disabled it.
     
    Incoming RTP Stream is cutoff for a small percentage of our calls.
    Sometimes it can start working again during the call
     
    It seems that the "5 min 33 sec into the call" does not apply for our fault.
    I looked in to one of the examples, and it was around 2 min 10 seconds into the call on that one.
     
    Using Wireshark and mirror ports on our switches we can see that;
    * For "no reason at all" it stops forwarding RTP packages 
    * The incoming RTP frames are seen on incoming interface, but not on the outgoing.
    * When the Sequence Number rollover from 65535 to 0 in the RTP stream, it starts working OK again!


    We cannot see any differences with the last few UDP / RTP frames or the first frame that is not forwarded.
    We have created an Fortigate Ticket today.



    Johan Lysen Consulting AB

    Johan Lysen, Johan@Lysen.nu
    Byvagen 87, 832 46 FROSON
    Mobile: +46 70 6009221

    #2
    Schmo
    New Member
    • Total Posts : 1
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/08/26 03:16:05
    • Status: offline
    Re: SIP/RTP issue - FortiGate 100E 2019/08/26 03:18:47 (permalink)
    0
    Hi Johan, Did u ever get a resolution or fix to the RTP packets getting dropped?
    #3
    kubimike
    New Member
    • Total Posts : 19
    • Scores: 0
    • Reward points: 0
    • Joined: 2018/08/29 14:02:41
    • Status: offline
    Re: SIP/RTP issue - FortiGate 100E 2019/09/12 12:57:33 (permalink)
    0
    Try all these steps
    https://vata.com/knowledge-base/disable-sip-alg-fortigate-firewalls/

     
    #4
    Jump to:
    © 2019 APG vNext Commercial Version 5.5