1. Help Center
  2. General Router Settings and Network Tools

Configuring your Sonicwall for Kinect

This configuration is on a Sonicwall TZ205 with 5.9.1.7-2o firmware (GUI version 6), but should be relatively similar for all models.

Note: Sonicwall's IPS service has been known to block VoIP even if you have these rules set as it confuses it for a DDoS attack.  If you lower the protection level from high, it generally fixes it.  

Note: The FQDNS on this doc are for APOLLO clusters.  You should follow this doc and use the server addresses your site/customer is associated with:

Generic Firewall Settings

We recommend the TZ series for no more then 25 phones.  If you plan to expand beyond that we recommend the NSA series.

1. Consistent NAT

Ensure "Enable Consistent Nat" is checked

Sonicwall1

2. Enable WAN BWM (Bandwidth Management)

Ensure advanced is checked as seen below

Sonicwall2

3. Enable BWM on WAN

Click the configure pencil located next to your primary WAN connection

Sonicwall3

Under the bandwidth management section, check both enable Egress and Ingress.  Egress is the upload speed of your internet connection.  Ingress is the download speed.  Best practice is to run a speed test before setting these options.  The example below shows a 100MBPS download and 35MBPS upload speed connection.

Sonicwall4

4. Create LAN>Wan firewall rule to allow and prioritize all traffic to both Kinect Servers

Sonicwall5

Sonicwall6

You are going to create a rule that allows all traffic to our server as seen in the screen shots below.  Under the destination submenu click "create new network" to add our servers.  You will build this rule three times, two using our NJ servers FQDN of core2-nj.syntelsolutions.com & core-nj.syntelsolutions.com, and the third rule will use our FL server of core-fl.syntelsolutions.com

Sonicwall7

Sonicwall8

Then under the QOS tab, change DSCP to "Explicit"

Sonicwall9

Under the BWM tab, check enable Egress and ingress, under the drop down you will create a new bandwidth object.  You will use this for both inbound and outbound firewall rules as you will see later.  The best rule of thumb is to guarantee about 25% of the bandwidth to the phones, and to allow 100% if needed.  This way phone calls always will have priority, but not use the entire connection when not in use.

Sonicwall10

Sonicwall11

Sonicwall12

Sonicwall13

5. Now we go back to access rules, to create a similar rule from WAN>LAN

Sonicwall14

Here you will build similar rules to LAN>WAN, the only difference being we will be changing the "Source" to the Kinect Servers, and the other options to "any".  Therefore creating a rule saying all traffic ONLY from our servers, is allowed and prioritized.

Sonicwall15

Be sure to set the QOS and BWM tabs the same as the previous rules 

 

Congrats!  You've successfully configured your firewall for the Syntel Solutions UCaas Platform.

 

Download the PDF

SonicWallApolloGuide