Sophos UTM Device

Important:  Make sure device firmware is always up to date.

Enabling WAN Ping Response:

Once logged in to the Sophos go to Network Protection > Firewall. When in the general Firewall settings go to the tab ICMP. Then under "Global ICMP Settings" check the box next to "Allow ICMP on Gateway" then press "Apply".

Setting up the Cytracom Network Definition:

Once logged in to the Sophos go to Definitions & Users > Network Definitions > New Network definition... > Input the following info > Name = "Cytracom" ; Type = Range ; IPv4 From = {New Server = 209.105.249.232}{Old Server = 74.124.9.139} ; IPv4 To = {New Server = 209.105.249.252}{Old Server = 74.124.9.150} ; No Advance configuration Necessary. 

Setting up Inbound Traffic Selectors for QOS:

Once logged in to the Sophos go to Interfaces & Routing > Quality of Service (QoS). Once in the QoS Settings go to the Traffic Selectors Tab. Now press New Traffic Selector... > Input the following info > Name = "Cytracom IN" ; Type = Traffic Selector ; Source = "Cytracom" ; Service = Any ; Destination = Any ; Comment = Optional ; No Advanced Configuration Needed on the inbound because it will not retain the DSCP coming back. This is only needed on outbound traffic. Press Save, then find the new rule in the list and click the slider to enable it.

Setting up Outbound Traffic Selectors for QOS:

Once logged in to the Sophos go to Interfaces & Routing > Quality of Service (QoS). Once in the QoS Settings go to the Traffic Selectors Tab. Now press New Traffic Selector... > Input the following info > Name = "Cytracom Out" ; Type = Traffic Selector ; Source = Any ; Service = Any ; Destination = "Cytracom" ; Comment = Optional ; Open the Advanced sections and input the following > TOS/DSCP = DSCP-Bits ; DSCP-Bits = DSCP Value ; DSCP Value = 46 ; Amount of data sent/received = unchecked > Helper = None. Press Save, then find the new rule in the list and click the slider to enable it.  

Setting up the Cytracom bandwidth pool:

Once logged in to the Sophos go to Interfaces & Routing > Quality of Service (QoS). Once in the QoS Settings go to the Bandwidth Pools Tab. Now Press New Bandwidth Pool... > Input the following > Name = "Cytracom Pool" ; Interface = WAN ; Position = Top ; Bandwidth (kbit/s) = {This depends on how many phones there are.  Each phone will need to be multiplied by 70 kb, and then double it because this is for both in and outbound phone traffic concurrently.} ; Traffic Selectors = Check both Cytracom IN and Cytracom Out ; Comment = Optional. Press Save. 

Disabling SIP Helper

Once logged in to the Sophos go to Network Protection > VoIP and make sure that SIP Protocol Support is switched to off.  

 

Was this article helpful?
2 out of 2 found this helpful
Have more questions? Submit a request