When installing phones at an office, or when installing a new firewall for existing phones, there are some general steps to take to ensure good VoIP service:
- Ensure that the modem is in Bridge mode, or if that is not an option, set so that it does not do any routing.
- Disable SIP ALG. This is sometimes called the SIP Module, SIP Transformations, SIP Helper, SIP Proxy, etc. If an option is labeled SIP, it's likely best to disable it. These options are primarily useful to on-premise VoIP systems but can severely hinder cloud based VoIP traffic.
- Add firewall rules to allow ALL traffic to and from Cytracom Servers
- Registration & Nodes[IP ranges 126.96.36.199-252, 188.8.131.52-184.108.40.206, 220.127.116.11-18.104.22.168 FQDN: register.cytracom.net]
- Configuration [IP: 22.214.171.124 FQDN: tftp.cytracom.net or provision.cytracom.com]
- Firmware [IP: 126.96.36.199 FQDN: fw.cytracom.com or firmware.cytracom.net]
- Mobile Registration [IP: 188.8.131.52 FQDN: mr1.cytracom.net]
- Presence [FQDN blf.cytracom.net and pres.cytracom.net]
- Increase UDP timeout to a minimum of 180 seconds for Global and firewall rules relating to Cytracom services (relative cause of BLF and MWI issues).
- Add QoS to prioritize traffic, targeting everything being sent from the phones to our system at the above IP range (DSCP Marking  or a guarantee of 70-90kbps per device).
- Keep firmware up to date. While it's usually not imperative to update a firewall every time a new firmware version is released, this should be a go-to step when troubleshooting any widespread problem.
These are general guidelines, and the details will often vary from one firewall to another. Feel free to contact Support if needed: firstname.lastname@example.org.