Linking sites via VPN with integrated firewall (kb3341)

The information in this article applies to:

  • SwyxWare all versions

[ Symptoms | Cause | Resolution | Status ]


If using Clients (SwyxIt! or IP-phones) and/or gateways on a remote site - often one way media streaming, call interruptions or registration problems occur - if the VPN routers are using firewall functionalities (e.g. CISCO PIX).


Firewalls in most cases are using a mechanism called "TCP-timeout" or "stateful inspection" to monitor TCP sessions. Because the client and the server are negotiating the used ports only during the clients registration, there will be no more media streaming, after the TCP-timeout has dropped the corresponding session.


Either switch off or increase the value of the TCP-timeout which is long enough to keep the session valid during an idle state of the clients (no phone call).




Comment on this article

If we have any follow-up questions, where can we contact you?

E-Mail Address (optional)


This feedback form can't be used for support requests. Those requests must be directed to your Swyx reseller or distributor.