Overview
The following Quality of Service values are used with all phones registered to the Primevox infrastructure. All router models by these manufacturers are supported by our VoIP services.
SIP Signaling: 26 / AF31 / 0x68 (UDP or TCP)
RTP Audio: 46 / EF / 0xB8 (UDP Only)
SIP Ports: 8643 (UDP), 8645 (TCP), 8647 (TLS)
RTP Ports: 10,000-40,000 UDP
Cisco Meraki QoS Settings
Here are the QoS settings to use for Cisco Meraki security gateways and switches. These settings can be set in Switches → Switch Settings.
Please note, the RTP ports shown (11780-12780) are for Yealink phones. Please look at the top of this article for ports specific to your phones.
Some Meraki firmware versions may look different. Here is another screenshot for the same configuration from a newer Meraki unit.
To create these rules, you must use Expressions. For port numbers, simply enter the port number or the port range, like "4242" or "5060-5062"
Sonicwall QoS Settings
Before anything, go to the VoIP tab and enable Consistent NAT and disable SIP Translations/Transformations.
1. Go to Firewall Settings → BWM.
2. Enable Realtime and Medium. Disable everything else.
3. Set Realtime "Guaranteed" to 50%.
4. Set Medium "Guaranteed" to 50%.
5. Set Realtime "Maximum/Burst" to 100%.
6. Set Medium "Maximum/Burst" to the following:
- For 10 or fewer phones, 95%.
- For 11-25 phones, 90%.
- For 26+ phones, 85%.
7. Save this screen.
8. Go to Firewall → Address Objects.
9. Click 'Add' to add an Address Object.
- Name it 'IP Phone X', increasing X since these must have unique names.
- Assign it to zone LAN
- Set Type to MAC Address
- Populate the MAC Address field with a phone's mac
- REPEAT This for every IP Phone on your network, and each phone's MAC.
10. Under "Address Groups", click 'Add Group...' to add an Address Group.
11. Name your group "IP Phone Group" and populate it with all your new IP Phone X objects.
12. Save this new group.
13. Go to Firewall → Access Rules
14. Add a new Rule.
- Action: Allow
- From: LAN
- To: WAN
- Source Port: Any
- Service: Any
- Source: IP Phone Group
- Destination: Any
- Users Included: All
- Users Excluded: None
- Schedule: Always On
- Allow Fragmented Packets: YES
- Disable DPI: YES (Never enable DPI on IP phones!!!)
- Advanced Tab: TCP Connection Timeout: 60 Minutes
- Advanced Tab: UDP Connection Timeout: 600 Seconds
- QoS Tab: DSCP Marking Action: Explicit
- QoS Tab: Explicit DSCP Value: 46 - Expedited Forwarding (EF)
- BWM Tab: Check Egress. Set it to 0 Realtime.
- BWM Tab: Check Ingress. Set it to 0 Realtime.
15. Save this rule.
16. {Insert reflexive rule instructions here}
17. All done!
Ubiquiti EdgeRouter (EdgeMAX) / USG QoS Settings
You must log into the router's CLI via SSH (or through the web GUI) and issue the following commands. Make sure to change the RTP port range to whichever manufacturer your phones are! Also, make sure you apply the firewall rules to your WAN port. This guide assumes WAN is Eth1 and that the customer has Yealink phones.
configure
set firewall modify SETDSCP_IN rule 1 action modify
set firewall modify SETDSCP_IN rule 1 destination port 11780-12780
set firewall modify SETDSCP_IN rule 1 modify dscp 46
set firewall modify SETDSCP_IN rule 1 protocol udp
set firewall modify SETDSCP_IN rule 2 action modify
set firewall modify SETDSCP_IN rule 2 source port 4242
set firewall modify SETDSCP_IN rule 2 modify dscp 46
set firewall modify SETDSCP_IN rule 2 protocol tcp
set firewall modify SETDSCP_IN rule 3 action modify
set firewall modify SETDSCP_IN rule 3 source port 4242
set firewall modify SETDSCP_IN rule 3 modify dscp 46
set firewall modify SETDSCP_IN rule 3 protocol udp
set firewall modify SETDSCP_IN rule 4 action modify
set firewall modify SETDSCP_IN rule 4 source port 5060-5062
set firewall modify SETDSCP_IN rule 4 modify dscp 46
set firewall modify SETDSCP_IN rule 4 protocol tcp
set firewall modify SETDSCP_IN rule 5 action modify
set firewall modify SETDSCP_IN rule 5 source port 5060-5062
set firewall modify SETDSCP_IN rule 5 modify dscp 46
set firewall modify SETDSCP_IN rule 5 protocol udp
set firewall modify SETDSCP_OUT rule 1 action modify
set firewall modify SETDSCP_OUT rule 1 source port 11780-12780
set firewall modify SETDSCP_OUT rule 1 modify dscp 46
set firewall modify SETDSCP_OUT rule 1 protocol udp
set firewall modify SETDSCP_OUT rule 2 action modify
set firewall modify SETDSCP_OUT rule 2 destination port 4242
set firewall modify SETDSCP_OUT rule 2 modify dscp 46
set firewall modify SETDSCP_OUT rule 2 protocol tcp
set firewall modify SETDSCP_OUT rule 3 action modify
set firewall modify SETDSCP_OUT rule 3 destination port 4242
set firewall modify SETDSCP_OUT rule 3 modify dscp 46
set firewall modify SETDSCP_OUT rule 3 protocol udp
set firewall modify SETDSCP_OUT rule 4 action modify
set firewall modify SETDSCP_OUT rule 4 destination port 5060-5062
set firewall modify SETDSCP_OUT rule 4 modify dscp 46
set firewall modify SETDSCP_OUT rule 4 protocol tcp
set firewall modify SETDSCP_OUT rule 5 action modify
set firewall modify SETDSCP_OUT rule 5 destination port 5060-5062
set firewall modify SETDSCP_OUT rule 5 modify dscp 46
set firewall modify SETDSCP_OUT rule 5 protocol udp
set interfaces ethernet eth1 firewall in modify SETDSCP_IN
set interfaces ethernet eth1 firewall out modify SETDSCP_OUT
commit
save
Fortigate / Fortinet QoS Settings
Make sure to disable the SIP Helper/SIP ALG:
- ~# telnet firewall
- config system settings
- set sip-helper disable
- set sip-nat-trace disable
end
config system session-helper
- show <—- use this to find out which entry is configured for typically 12 or 13
- delete 12
- end
Related Articles
Non-Approved Routers and Modems
Overview This is an ongoing list of routers/modems known for their lack of VoIP reliability. If you would like to see a list of approved routers, please view the article called "Approved Routers / Quality of Service". Cisco RV Series These are not ...
API Routers
What is an API Router? An API (Application Programming Interface) is a set of rules and tools that allows software applications to communicate with each other. An API Router is a tool that lets you route calls based on real-time information from ...
Extension Settings
Introduction What is an Extension? An extension is a unique number assigned to a user, phone, or device within your organization’s phone system. It serves as a direct internal line, allowing colleagues to reach each other quickly without dialing full ...
Call Flow Settings
What Are Call Flow Settings? Call Flow Settings allow users customize how calls are routed based on the time, preset rules, or manual override toggles. This includes things like setting business hours, creating special schedules for holidays, and ...
Recommended Internet and Network Settings
Overview For optimal performance and reliability with Primevox services, certain internet and network configurations must be applied to your firewall, router, and other network equipment. These settings ensure stable SIP registration, consistent call ...