I have a hosted FreePBX with Cyberlynk and am trying to roll out all our Yealink 42g phones in one of our locations behind a Sonicwall soho Firewall.
I was able to get 3 phones registered and incoming and outgoing calls work with audio both ways. The issue is I cannot register anymore than 3 phones. Whenever I try and register others it fails. I am noticing the ports showing up for the endpoints that are registered in FreePBX is 5060 then 5062 and 5160 when the Yealinks are all actually just set with 5060.
On the Sonicwall I made sure the NAT Policy is set with “Disable Source Port Remap”. I ran a packet monitor on the Sonicwall and when I see the phone trying to register to the server IP I am seeing a drop error of “Drop Code: 247(NAT policy generate unique remap port failed)”
I am confused as to what is causing this and would love any advice if anyone has seen this where everything is functional but are just limited on the number of endpoints registered I assume because of some port issue. I have read all the other threads related to Sonicwall issues but my situation seems different since there are no call drop issues or one way audio.
From my experience, you only need the source port remap disabled if your PBX is behind a Sonicwall. We have a ton of clients behind sonicwalls and almost never disable it.
Also, can you please post a screenshot from your VoIP settings under the VoIP section in Sonicwall?
You mean the phone is saying it is registered from those ports? That is normal. If you leave it set on 5060, the phone will attempt to get a NAT mapping on 5060 and if not available, randomly pick a port. I never noticed it use those ports before though.
Because of random NAT mapping occurrences over the years I have started to force phones to use a unique source port based on the extension. Extension 2834 uses port 52834 for example.
Just a theory - Since you disabled source port remap, once the 5060 port has been used other phones will fail to get to the internet. The first three phones are probably still working because there are already active port remaps that won’t change until the phones go offline. (So that changing that setting won’t break active sessions)
It appears I needed to uncheck the disable source port remap as @PitzKey suggested. Once I did that the phones are registering. I haven’t been able to test in and out bound calls yet but I assume there will not be any issues. Thanks!
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.