Tuesday, August 4, 2015

Configuring Fortigate for VOIP phones behind it

These are the general steps for allowing VOIP phones behind a Fortigate to work properly.  Please also note these steps to put QoS on voice traffic for better performance.


  1. Open the Fortigate CLI from the dashboard.
  2. Enter the following commands in FortiGate’s CLI:
    1. config system settings
    2. set sip-helper disable
    3. set sip-nat-trace disable
    4. reboot the device
  3. Reopen CLI and enter the following commands – do not enter the text after //:
    1. config system session-helper
    2. show    //locate the SIP entry, usually 12, but can vary.
    3. delete 12     //or the number that you identified from the previous command.
  4. Disable RTP processing as follows:
    1. config voip profile
    2. edit default
    3. config sip
    4. set rtp disable
There might be other settings that you need to configure depending on the FortiOS version that you are using. If you continue encountering issues related to SIP ALG, please contact Fortinet Support.


No comments: