SA520 VoIP Quality

mdioriouent · ‎02-09-2011

Just got the SA520 for our Dual WAN setup. So far so good. A few quirks setting it up, but overall a decent security appliance. The SA520 is an upgrade to an RV042, which is an abysmal device that I wouldn't wish on my enemies. It completely blocked my SIP packets, even with the firewall off, and SPI disabled. It allowed SQL attacks to our server even though ports were blocked by the Deny All rule (had to manually block the attackers IP in the firewall). It messed with our HTTPS traffic in Dual WAN mode, causing web pages errors all over the place. I think it might have been related to either malformed SNAT or it not listening to the protocol binding. However...I'm having an issue with my VoIP call quality on the SA520.

Here's my setup. Dual Wan in Load balance mode. SIP UDP 5060, RTP UDP 10000-20000 bound to primary WAN. QoS enabled with Bandwidth Management set up the up/downstreams for each WAN connection. I created a SIP bandwidth profile with a bandwidth range of 1-1000kbps and a priority of Urgent. I added SIP-UDP and RTP to the QoS traffic selection matching DSCP of 24 and binding it to the SIP profile. In Port DSCP mapping, I set 24 to Highest. Under Attacks, I disabled Block Fragmented Packets. SIP ALG is enabled.

I have a PBX In A Flash Asterisk Box set up and hosted in the cloud. For testing purposes, firewall is dropped and Extensions are locked to my static IPs.

At my house, I have configured the XLite softphone to connect to my asterisk server and everything works flawlessly. Call quality is perfect.

In the office, behind the SA520 is my issue. I have a Cisco 7970G with the SIP firmware connected to the asterisk box. I also have an Aastra 9480i SIP phone configured. I set up a softphone on my desktop PC, and have a softphone on my Android cell phone via office Wifi. With the 7970G, the 9480i and my desktop softphone, I get crackling and millisecond drop outs of audio continually.

Here's the strange part, the softphone on my cellphone connected via my Cisco WiFi AP works fine. Trying to rule out any differences, I have tried my 9480i in 3 different rooms in the building. I have connected it directly to our HP layer 3 switch on multiple modules just in case i had a bad or overloaded module. The Cisco AP is connected to this same switch. I also connected it directly to the SA520. No matter what I tried, I still got the same crackling and cutouts.

Is there any configuration I'm overlooking? I wouldn't think so if my cellphone's softphone works fine via Wifi.

Thanks for your help.

mdioriouent · ‎02-10-2011

Just a quick follow up. The audio is dropping (no audio in spots for I'd say

10-500ms). Occasionally I get very garbled audio almost like static. And occasionally I'll ge

t doubling of audio. As in someone will say "now is the" and I'll get "now is now i

s the".

Pasadena01 · ‎03-14-2011

Hi,

Found a solution? Would be nice, to post here.

I have the same problem with my SA520 and an SPA525G connected. It is horrible jittering, when somebody is downloading or something else.

QoS seems not to work.

Pasadena

mpyhala · ‎03-14-2011

Hi Max,

Thanks for posting. I saw a case recently where the user tried "everything" and after disabling IPS on his SA540 the voice quality was perfect. Not a solution I know, but might be a helpful temporary workaround.

Pasadena01 · ‎03-17-2011

Hi,

You are right! While disableling IPS, QoS seems to work.

I told about this to some Cisco Guys, which I meet in an workshop. They are also wondering about this. Maybe it is only one or some special signatures. But it will be horrible to search in this big catalog. The logfiles say nothing about this.

Anyway, we should wait for a better solution. This is only an workaround.

Pasadena