- TZ Series - Should have firmware 5.8 or greater!! Many bugs with old stuff. Have verified that they DO have to register the device, but it does NOT require a paid subscription to download the firmware.
 Image Removed
- VoIP Settings - SHOULD ALL BE OFF:
- Enable Consistent NAT is DISABLED
- SIP Transformations is the same thing as SIP ALG and should be DISABLED
 Image Removed - Firewall Rules - THE MOST IMPORTANT PART!!
- We need to create a specific rule allowing ANY traffic to go from the internal LAN to the WAN (public internet).
- First step is to create an Address Object that will contain the IP address of the server. First make sure you have this (Usually just ping the host they are on, ie ping pbx.persephone.io will return 54.183.173.52)
- Once you have this, go to the Firewall tab, and select Address Objects
- **Scroll all the way down past the groups, and select "Add Address Object" - NOT an address group
 Image Removed - Add the settings as below (using the IP address you now have from the step above)
 Image Removed - Now to add the rule, Go to the Firewall tab, and select the "Matrix View"
- Select the from LAN to WAN button as below:
 Image Removed
- From the next screen, select add rule and then configure as shown below. Make sure that all settings match exactly - MAKE SURE TO FOLLOW THE NEXT STEP ALSO BEFORE SAVING:
 Image Removed
- **IMPORTANT
- Now go to the advanced tab, and change the UDP Connection activity timeout to 3600 seconds:
 Image Removed
**It may take several minutes (up to 60) for the phones to properly re-register. You can reboot all phones if you would like to make this happen quicker. |