Can't Open Ports on Firewall, Can't use plain 'ol NAT

ve

I am getting mighty frustrated with a problem that I naievely deemed trivial before I started, which is to get two Cisco 7960 phones (in SIP) mode talking to a new Blueface account which I setup.

What I've got working so far
The phones out of the box come with firmware that is used to connect to some "Cisco CallManager" system, which we are not using here and just want to use SIP to our blueface account. So after much searching I found that I could get the appropriate firmware and configuration files and make them available via a TFTP server on my network to the phones. So all going well I finally have the phones with the correct firmware and and able to pull all the necessary settings from my TFTP server to connect to my blueface account. I can now dial a landline number, talk, etc, it all works.

What I have not got working so far, and need help with...
As I said I can make calls, but I cannot receive them. I can see from by Blueface PBX web based GUI that the calls are being routed by Blueface, but the status is "no answer". On the dialling phone, we hear nothing, no engaged tone, no ringing tone, no answering machine, etc, just silence, and then the call drops after about 20 - 30 seconds. So I contacted Blueface and they said that most likely it's due to our firewall settings on our network gateway. We have a SonicWall TZ150 Firewall/Gateway and I have admin priviledges on this box. The firewall is blocking all access from the Internet (WAN) to the private LAN. I have placed rules in the rule table to allow everything, but when I do a port scan from outside the network I still see everything as closed (or stealth) depending on my configuration. Even on the sonicwall box there is a VOIP section in the firewall config, which I have enabled. I have also told it to allow SIP traffic from the internet to the IP of the phones inside and still nothing. It's like the firewall rules make absolutely no difference whatsoever.

Also in the configuration for my phones, it asks about NAT, so I specify the IP of my gateway (sonicwall box) and that works, but there is no nat configuration for me to enable on the sonicwall admin interface, just this thing they call "one-to-one nat" which is not the same as normal NAT that I'm used to. It simply looks for a public/private IP range with no mention of ports to forward etc.

Does anyone have any ideas as to how I can get these phones working, I'm nearly at the end of my tether. Have spent 2 days already and still no joy.

I really appreciate any help I can get with this, as I have already invested heavily in equipment/services and just want to get them working.

greymanvoip

Some of the Cisco 7960 firmwares are seriously deficient when it comes to working behind NAT. I have had the exact same problem you are describing with my 7960 and blueface with certain firmware versions.

At the moment I'm using version 3-08-2-00 and incoming calls work fine. The firmware versions I've tried later than that haven't worked. We asked Cisco about the issue and the curt response was that they only support the phones connecting to Cisco CallManager.

Regards,

Greyman.