Knowledge Base

How to Manage Voice Traffic?

Scenario

This is an example of using Application Layer Gateway (ALG) to allow the SIP (Session Initiation Protocol) voice traffic through the ZyWALL/USG. To achieve high-quality voice transmissions, use ZyWALL/USG provides Bandwidth Management (BWM) function to effectively manage bandwidth according to flexible criteria. You can limit bandwidth consuming services, such as Peer-to-Peer (P2P) and FTP service while providing a higher priority and consistent bandwidth for voice traffic.

Step

Set Up the SIP ALG on the ZyWALL/USG

1. In the ZyWALL/USG, go to CONFIGURATION > Network > SIP > SIP Settings, select Enable SIP ALG, Enable SIP Transformations (optional), Restrict Peer to Peer Signaling Connection and Restrict Peer to Peer Media Connection. Make sure the SIP Signaling Port is configured the same as your VoIP phone SIP signaling port. Click Apply.

Set Up the Bandwidth Management for SIP on the ZyWALL/USG

1. In the ZyWALL/USG, go to CONFIGURATION > BWM > BWM Global Settings, select Enable BWM and Enable Highest Bandwidth Priority for SIP Traffic.

Set Up the Bandwidth Management for P2P on the ZyWALL/USG

1. In the ZyWALL/USG, go to CONFIGURATION > BWM > Configuration > Add Policy, select Enable and type P2P Any-to-WAN as the policy’s Description.

Leave the Incoming Interface to any and select the Outgoing Interface to be WAN1. Select Service Type to be the Application Object and select P2P from the list box.

Set the Guaranteed Bandwidth Inbound to 100 (kbps) and set Priority 5. Set the Maximum to 150 (kbps). Set the Guaranteed Bandwidth Outbound to 100 (kbps) and set Priority 5. Set the Maximum to 150 (kbps). Click OK to return to the General screen.

Set Up the Bandwidth Management for FTP on the ZyWALL/USG

1. In the ZyWALL/USG, go to CONFIGURATION > BWM > Configuration > Add Policy, select Enable and type FTP Any-to-Any as the policy’s Description.

Leave the Incoming Interface to any and select the Outgoing Interface to be WAN1. Select Service Type to be the Service Object and select FTP from the list box.

Set the Guaranteed Bandwidth Inbound to 150 (kbps) and set Priority 5. Set the Maximum to 200 (kbps). Set the Guaranteed Bandwidth Outbound to 150 (kbps) and set Priority 5. Set the Maximum to 200 (kbps). Click OK to return to the General screen.

Verification

Test the Result

1. Add a Security Policy rule to view the SIP log:

2. Dial Phone Number 1001 (192.168.10.2 in this example) from Phone Number 1002 (192.168.100.2 in this example), go to the ZyWALL/USG Monitor > Log, you will see [alert] log message such as below. The Destination IP address is the SIP Server IP address.

3. Go to the ZyWALL/USG Monitor > Traffic Statics and review the SIP traffic and other services to optimize the Guaranteed and Maximum BMW of bandwidth consuming services.

What Can Go Wrong?

If you see [alert] log message such as below, the voice traffic is blocked by the priority 1 Security Policy. The ZyWALL/USG checks the security policy in order and applies the first security policy the traffic matches. If the voice traffic matches a policy that comes earlier in the list, it may be unexpectedly blocked. Please change your policy setting or move the voice traffic policy to the higher priority. 



YES NO

Please leave your comment:

SUBMIT

Question Profile

LANGUAGE:
ARTICLE ID:015532
TYPE:Application / Configuration Example
FIRMWARE:4.13 and above
VIEWS:9505
VOTES:20
TECHNOLOGY:
MODEL:USG110,USG1100,USG1900 (view more model name)

Still have trouble with your device? Contact Zyxel technology support team directly!

Contact Zyxel Support