Jun 20, 2012

How To Configure VoIP QoS On A Netgear ProSafe SRX5308

A while back my company went through a phone system change. We had a Panasonic PBX system when I first started that was a bear to use. Mainly because it was complicated, and because it wasn't a well known PBX system so finding consultants that knew it was difficult. We ended up trading up for a hosted VoIP service from 8x8. In order to make the change we had to buy a new firewall and new switches. The switches we had couldn't handle VLANs, and the Firewall we had needed to be able to handle multiple WAN links and support either WAN load balancing or failover. It could handle it, but the cost of a license from Cisco was going to be over $600, while buying a new Netgear Prosafe SRX5308 was only going to be a little over $400. Like everything at my company, we went down the cheap road.

Anyway, it took a while to figure out how to properly configure the Netgear for VoIP Quality of Service (QoS). The documentation just tells you where to setup QoS, but not how to configure it for VoIP. I finally figured it out, so I'll tell you how I did it here. There are a few places you need to make some configurations.
First, you need to create a QoS Profile

  • Security > Services > QoS Profiles Tab
  • Click Add, and create a new profile called Phones
  • Use these settings:

    Remark: Checked

    QoS: IP Precedence

    QoS Value: 7

    QoS Priority: High
Now that is set, the next thing you need to do is configure an outbound firewall rule

  • Security > Firewall
  • Under Outbound rules click Add
  • Use the following settings:
    Service: Any
    Action: Allow Always
    LAN Users: Address Range
    Start and End of your phone's IP range
    WAN Users: Any
    QoS Profile: Phones
The reason we don't specify the ports for SIP (5060/5061) is because the outbound port isn't the standard SIP port. It can be anything. Therefore we set the outbound rule to Allow Any service, but limit it to the phone IP addresses. With me so far? Good.
Finally we need to enable QoS by doing the following:

  • Network Configuration > QoS
  • Set Enable QoS to Yes, and set the QoS type to Priority
  • Add a new rule with the following settings:
    QoS Type: Priority
    Interface: The interface you want your VoIP traffic to traverse
    Service: Any
    Direction: Outbound Traffic
    Priority: High

After that, you should have decent calls. You can test your VoIP settings by using 8x8's tool here. If everything is green, you should have everything configured correctly. If after these settings changes, and everything tests green you still have dropped calls or something, you might want to up your Internet bandwidth.

[Edit 7/25/2012] - One more thing that we found after a bandwidth upgrade, was that we had to create a bandwidth profile. Our phone Internet connection is a 5Mbps connection, so I wanted the phones to have at the very minimum 3Mbps, and a Max of 5Mbps. To set that up you first have to tell the firewall what your WAN bandwidth is by going to Network Configuration > WAN Advanced Options > Upload/Download Settings for Bandwidth Profiling. After that is set do the following:

  • Got to Security > Bandwidth Profile
  • Click the Add button
  • Add a new profile with the following settings
    Profile Name: Phones
    Direction: Outbound Traffic
    Outbound Minimum: 3072
    Outbound Maximum: 5120
    Type: Group
  • Click Apply
  • Change the Enabled Bandwidth Profiles radio button to Yes
  • Go back to your outbound firewall rule we created above and add the Phones bandwidth profile to the rule.
Keep in mind that the max and min settings above are for a 5Mbps internet connection. If you have a different speed connection, you need to set it based on your environment.

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam