Simplifi Contact (VoIP and UCaaS Solution)
      Back to home
      1. Solution Center
      2. Simplifi Contact (VoIP and UCaaS Solution)

      Simplifi Contact - Enabling QoS on a SonicWall Firewall

      The below example is based on an ISP bandwidth of 10 Mbps downstream / 10 Mbps upstream accounting for 10 concurrent calls. 1 G.711 codec call requires around 90 Kbps downstream / upstream. Please adjust your numbers as per your local setup.

      Assessing The Firewall’s Interface

      • Enter the firewall's IP address in the address bar of your web browser.
      • Enter your firewall's username and password

      VoIP Settings

      • Go to VoIP > Settings.
      • Check Enable Consistent NAT, uncheck/disable everything else.
      • Click Accept to save the settings.

      Firewall Settings

      • Go to Firewall Settings > BWM.
      • Under Bandwidth Management Type, select Global.
      • Under Priority, disable EVERY category, except Medium.

      Set values to:

      Guaranteed: 50%

      Burst: 90%

      • Enable Realtime and set values to:

      Guaranteed: 50%

      Burst: 100%

      • Click Accept to save the settings.

      Network

      • Go to Network > Interfaces > X1 (WAN)
      • Click the Configure icon on far right.
      • Go to Advance > Link Speed, and then set to Auto Negotiate

      > Bandwidth Management (at bottom)...

        • Check Enable Egress; set interface egress bandwidth to 10000.000000 (type in the upload speed in Kbps from your ISP)
        • Check Enable Ingress; set interface ingress bandwidth to 10000.000000 (type in the download speed in Kbps from your ISP).
      • Click OK to save the settings.

      Firewall

      •  Go to Firewall > Service Objects > Services

      NOTE: There may be a need to scroll down, as there are two categories, Service Group and Services.

      • Click Add Name: N2P_UDP_service_ports

      Protocol : UDP(17)

      Port Range : 1000 - 65500

      Sub type : none

      • Click OK to save the settings
      • Go to Address Objects
      • Click Add: Name : N2P_SIP_network

      Zone Assignment : WAN

      Type : Network

      Network:206.20.196.0

      Netmask: 255.255.254.0

      Name : N2P_RTP_network

      Zone Assignment : WAN

      Type : Network

      Network: 66.33.176.64

      Netmask: 255.255.255.192

      • Click Add to save and then click Close
      • Go to Address Groups
      • Click Add Group

      Name : N2P_networks group

      • Select N2P_SIP_network and N2P_RTP_network to add address object to group.
      • Click OK to save.

      Access Rules

      • Go to Firewall > Access Rules
      • Click Add to add the rule for LAN > WAN

      > in the General tab

      Action : Allow

      Service: Create New Service Group

      Name : N2P_service_ports

      Add the following port range to this group:

      N2P_UDP_service_ports

      Source : Any

      Destination : N2P_networks group

      Users Allowed :

      ALL Schedule : Always on

      > in the QoS tab

      DSCP Marking Action : Explicit

      Explicit DSCP Value : 46 - Expedited Forwarding (EF)

      > in the Ethernet BWM tab

      Enable both Inbound and Outbound Bandwidth Management; set both to 0 Realtime

      • Click Add to save and then click on Close
      • Click Add to add rule for WAN > LAN

      > in 'General' Tab

      Action : Allow

      Service : N2P_service_ports

      Source : N2P_networks group

      Destination : Any

      Users Allowed : ALL

      Schedule : Always on

      > in 'QoS' tab

      DSCP Marking Action : Explicit

      Explicit DSCP Value : 46 - Expedited Forwarding (EF)

      > in the Ethernet BWM tab

      Enable both Inbound and Outbound Bandwidth Management; set both to 0 Realtime

      • Click Add to save and then click Close