This configuration is on a Sonicwall TZ205 with 5.9.1.7-2o firmware, but should be relatively similar for all models.

 

We recommend the TZ series for no more then 25 phones.  If you plan to expand beyond that we recommend the NSA series.

 

1. Consistent NAT

Ensure "Enable Consistent Nat" is checked

 

2. Enable WAN BWM (Bandwidth Management)

Ensure advanced is checked as seen below

 

3. Enable BWM on WAN

Click the configure pencil located next to your primary WAN connection

Under the bandwidth management section, check both enable Egress and Ingress.  Egress is the upload speed of your internet connection.  Ingress is the download speed.  Best practice is to run a speed test before setting these options.  The example below shows a 100MBPS download and 35MBPS upload speed connection.

 

4. Create LAN>Wan firewall rule to allow and prioritize all traffic to both of Syntel Solutions Servers

You are going to create a rule that allows all traffic to our server as seen in the screen shots below.  Under the destination submenu click "create new network" to add our servers.  You will build this rule twice, one using our NJ servers FQDN of core-nj.syntelsolution.com and the second rule will use our FL server of core-fl.syntelsolutions.com

Then under the QOS tab, change DSCP to "Explicit"

Under the BWM tab, check enable Egress and ingress, under the drop down you will create a new bandwidth object.  You will use this for both inbound and outbound firewall rules as you will see later.  The best rule of thumb is to guarantee about 25% of the bandwidth to the phones, and to allow 100% if needed.  This way phone 

calls always will have priority, but not use the entire connection when not in use.

5. Now we go back to access rules, to create a similar rule from WAN>LAN

 

Here you will build similar rules to LAN>WAN, the only difference being we will be changing the "Source" to the Syntel Solutions Servers, and the other options to "any".  Therefore creating a rule saying all traffic ONLY from our servers, is allowed and prioritized.

Be sure to set the QOS and BWM tabs the same as the previous rules 

 

Congrats!  You've successfully configured your firewall for the Calltonet UCaas Platform.