Known Issues

  1. SIP ALG needs to be disabled.
  2. A module that controls RTP traffic needs to be loaded to prevent call and fax audio issues.

Resolution

  1. You, your IT, or whoever setup the Linux firewall will need to make the changes below.  Intermedia cannot do this for you.
    • The site below explains that a kernel module nf_nat_sip needs to be unloaded in order to disable SIP ALG. 
    • For RTP (call and fax audio), the nf_conntrck_sip module needs to loaded to prevent audio problems.
    • The instructions below may vary slightly, depending on your variant of Linux.
  2. We need the iptables firewall on your Linux router to respond to WAN pings from just our Call Quality Monitoring and Troubleshooting Servers, 64.28.122.110 and 64.28.121.110.
    • On most Linux distributions, you will need to run the following commands:
      • Incoming ping requests:
        • iptables -A INPUT -p icmp --icmp-type 8 -s 0/0 -d 64.28.122.110,64.28.121.110 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
        • iptables -A OUTPUT -p icmp --icmp-type 0 -s 64.28.122.110,64.28.121.110 -d 0/0 -m state --state ESTABLISHED,RELATED -j ACCEPT
      • Outgoing ping requests:
        • iptables -A OUTPUT -p icmp --icmp-type 8 -s 64.28.122.110,64.28.121.110 -d 0/0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
        • iptables -A INPUT -p icmp --icmp-type 0 -s 0/0 -d 64.28.122.110,64.28.121.110 -m state --state ESTABLISHED,RELATED -j ACCEPT
      • Click here for more information.
  3. If your Linux router is also the DHCP and/or DNS server on your network:
    • It needs to provide the Polycom phones with a set of efficient DHCP DNS servers (DHCP option 6), such as:
      • Google's DNS - 8.8.8.8/8.8.4.4 or
      • OpenDNS - 208.67.222.222/208.67.220.220
      • This is to prevent intermittent DNS lookup timeouts that affects just Polycom phones.  This causes intermittent registration and call failures.
      • If you must use your own private DNS server addresses, then you will need to setup Stub DNS Forward Zones on your private DNS server that forward requests for the domains below directly to our DNS servers below that the phones and other Intermedia devices use. 
        • This cuts out middle-man DNS servers, which causes the DNS lookup requests to be resolved much faster.
        • You may need to setup a DNS caching service on your Linux machine to accomplish this.  For more information, see this article.