How to Configure WatchGuard Firebox T70
The purpose of this article is to provide a sample configuration. At the time of article creation, this device was in a known working state on the firmware used.
Keep in mind different firmware versions will interact with hosted VoIP services in different ways. While this device may be fully functional on the tested and/or current firmware version, it is possible newer revisions will cause disruptions in service or make a device fully compliant with the required settings for hosted VoIP services where it was previously not.
Configure Watchguard Firebox T70 for 8x8 service
Watchguard Firebox T70. Tested version 12.3.B581846
Add 8x8 Servers
- Go to Firewall and then to Aliases in the sub menu.
- When creating new Aliases fill in Name as 8x8 and Description as 8x8 Servers.
- Click Add under Alias Members.
- As Member type select Network IPv4
- Add all 8x8 subnets listed in the Virtual Office Technical Requirements
- After all 8x8 servers have been added, click Save.
Create Policy for 8x8
- Go to Firewall then to Firewall Policies and click Add.
- In the Packet Filter drop down choose Any, then click Add Policy.
- In the From box click Add and select Any Trusted.
- In the To box click Add and select 8x8.
- Check the box next to Specify custom idle timeout and set to the timeout to 300 seconds. This helps to prevent dropped calls.
- Go to the Advanced tab.
- Select the options below to enable the following in the NAT section:
- 1-to-1 NAT (Use Network NAT Settings)
- Dynamic NAT
- Select Use Network NAT Settings
- Click the checkbox next to Override Per-Interface Settings.
- Set the following values for QoS:
- Marking Type: DSCP
- Marking Method: Preserve
- Prioritize Traffic Based on: Custom Value
- Value: 7 (Highest)
- Click Save.