Overview

While connecting Mitel phones through Kerio Control firewall, specific settings should be applied. Mitel VoIP phones require specific network ports and DNS/IP address configuration to establish a successful connection.

This article provides information on how to configure Kerio Control traffic rules and services for Mitel phones.

Solution

In Kerio Control Webadmin -> Services, add the necessary services required by Mitel. Add the "Mitel" keyword in the Name to find it more easily.

Full list of Mitel services to be added:

• Name: SIP TCP/UDP (Mitel)
  • Protocol: TCP/UDP
  • Source Port: Any
  • Destination Port: Equal to 5060
• Name: SIP TLS (Mitel)
  • Protocol: TCP
  • Source Port: Any
  • Destination Port: Equal to 5061
• Name: HTTPS TCP/UDP (Mitel)
  • Protocol: TCP/UDP
  • Source Port: Any
  • Destination Port: Equal to 443
• Name: XMPP (Mitel)
  • Protocol: TCP/UDP
  • Source Port: Any
  • Destination Port: Equal to 5280
• Name: Admin (Mitel)
  
  • Protocol: TCP
  • Source Port: Any
  • Destination Port: Equal to 8001
• Name: ECC Supervisor (Mitel)
  
  • Protocol: TCP
  • Source Port: Any
  • Destination Port: In Range
    • From 31450
    • To 31471
• Name: RTP Media Stream (Mitel)
  
  • Protocol: UDP
  • Source Port: Any
  • Destination Port: Greater than 9999

The end result of all Mitel services.

Then in the Traffic Rules section, create 2 separate rules with the following values:

• Name: Mitel IP/DNS
  • Source: Firewall
  • Destination: Addresses
    • 66.11.214.0/24
    • 66.11.195.0/24
    • 208.103.83.155
    • 66.11.195.11
    • 199.101.107.6
  • Service: Any
  • Action: Allow
• Name: Mitel Services
  • Source: Firewall
  • Destination: Any
  • Service: 
    • SIP TCP/UDP
    • SIP TLS
    • HTTP
    • HTTPS (TCP/UDP)
    • XMPP (Mitel)
    • Admin (Mitel)
    • ECC Supervisor (Mitel)
    • RTP Media Stream
  • Action: Allow