Configuration steps - web‑based manager
To add the SIP proxy server firewall virtual IP
1. Go to Policy & Objects > Objects > Virtual IP and select Create New.
2. Add the SIP proxy server virtual IP.
VIP Type | IPv4 VIP |
Name | SIP_Proxy_VIP |
Interface | port1 |
Type | Static NAT |
External IP Address/Range | 172.20.120.50 |
Mapped IP Address/Range | 10.31.101.50 |
To add a firewall address for the SIP proxy server
1. Go to Firewall Objects > Address > Addresses.
2 Add the following for the SIP proxy server:
VIP Type | IPv4 VIP |
Name | SIP_Proxy_Server |
Type | Subnet |
Subnet / IP Range | 10.31.101.50/255.255.255.255 |
Interface | port2 |
To add the security policies
1. Go to Policy & Objects > Policy > IPv4.
2. Add a destination NAT security policy that includes the SIP proxy server virtual IP that allows Phone B (and other SIP phones on the Internet) to send SIP request messages to the SIP proxy server.
Incoming Interface | port1 |
Source Address | all |
Outgoing Interface | port2 |
Destination Address | SIP_Proxy_VIP |
Schedule | always |
Service | SIP |
Action | ACCEPT |
3. Select Enable NAT and select Use Destination Interface Address.
4. Under UTM Security Profiles, select Use Standard UTM Profiles.
5. Turn on VoIP and select the default VoIP profile.
6. Select OK.
7. Add a source NAT security policy to allow the SIP proxy server to send SIP request messages to Phone B and the Internet:
Incoming Interface | port2 |
Source Address | SIP_Proxy_Server |
Outgoing Interface | port1 |
Destination Address | all |
Schedule | always |
Service | SIP |
Action | ACCEPT |
8. Select Enable NAT and select Use Destination Interface Address.
9. Turn on VoIP and select the default VoIP profile.
10. Select OK.