Configuration steps - web‑based manager
To add firewall addresses for the SIP phones
1. Go to Policy & Objects > Objects > Addresses.
2. Add the following addresses for Phone A and Phone B:
Category | Address |
Name | Phone_A |
Type | Subnet |
Subnet / IP Range | 10.31.101.20/255.255.255.255 |
Interface | Internal |
Category | Address |
Name | Phone_B |
Type | Subnet |
Subnet / IP Range | 172.20.120.30/255.255.255.255 |
Interface | wan1 |
To add security policies to apply the SIP ALG to SIP sessions
1. Go to Policy & Objects > Policy > IPv4.
2. Select Create New to add a security policy.
3. Add a security policy to allow Phone A to send SIP request messages to Phone B:
Incoming Interface | internal |
Source Address | Phone_A |
Outgoing Interface | wan1 |
Destination Address | Phone_B |
Schedule | always |
Service | SIP |
Action | ACCEPT |
4. Select Enable NAT and select Use Destination Interface Address.
5. Turn on VoIP and select the default VoIP profile.
6. Select OK.
7. Add a security policy to allow Phone B to send SIP request messages to Phone A:
Incoming Interface | wan1 |
Source Address | Phone_B |
Outgoing Interface | internal |
Destination Address | Phone_A |
Schedule | always |
Service | SIP |
Action | ACCEPT |
8. Select Enable NAT and select Use Destination Interface Address.
9. Turn on VoIP and select the default VoIP profile.
10. Select OK.