-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
Microsoft Teams randomly dropping (Video conferencing applications)
01/11/2024 
625 People found this article helpful
478,157 Views
Description
Video conferencing allows people at two or more locations to see and hear each other at the same time, using computer and communications technology. They exchange visual information with Webcams (digital video cameras) and streaming video. Audio content may be distributed via computer or the telephone system. Some of the popular applications like Skype for business, Zoom, Microsoft Teams can be used for the same.
Real-time video sharing consumes much more network bandwidth than other forms of conferencing. The higher resolution of the video being broadcast, the more difficult it is to maintain a reliable stream free of dropped frames or frame corruptions, particularly over Internet connections.
Resolution
While present behind a SonicWall firewall, if you are experiencing connection dropouts, the following steps can be taken to ensure a better connectivity.
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
1. It's possible that Microsoft Teams are dropped being flagged as a flood.
Adjust UDP Flood protection configuration:
TIP: You can either disable UDP flood protection, or set a higher UDP Flood Attack Threshold (UDP Packets / Sec). The default value is 1000. Based on your environment you can increase this to 5000 or 10,000 and test what works for your setup.
UDP Flood Attacks are a type of denial-of-service (DoS) attack. They are initiated by sending a large number of UDP packets to random ports on a remote host. As a result, the victimized system’s resources are consumed with handling the attacking packets, which eventually causes the system to be unreachable by other clients.
SonicWall UDP Flood Protection defends against these attacks by using a “watch and block” method. The appliance monitors UDP traffic to a specified destination. If the rate of UDP packets per second exceeds the allowed threshold for a specified duration of time, the appliance drops subsequent UDP packets to protect against a flood attack.
The video conferencing applications utilize a large UDP packets for voice and video conferencing. So, it is essential to set a right value so that legitimate traffic does not dropped being flagged as a flood.
To make these changes here:
- Navigate to Network| System | Flood protection | UDP tab
- Either use the 'Enable UDP Flood Protection' checkbox to DISABLE the feature completely.
3. Or you can also adjust the 'UDP Flood Attack Threshold (UDP Packets / Sec)' value appropriately.
2. APP Control :
The application control feature includes signatures for various applications like Microsoft Teams, Zoom, Skype and they are spread in various categories.
- Navigate to Policy| Security Services | App control tab.
- Make sure that all the signatures for the application are in DISABLED state for block. Use the viewed by: selected to signature to check the same.
3. Disable DPI for the following ports on LAN to WAN Access Rule :
Most of these applications use HTTP/HTTPS connections and then custom ports for audio/video connections.
EXAMPLE: Microsoft Teams uses the following ports:
Teams Audio – TCP & UDP – 50000 – 50019
Teams Video – TCP & UDP – 50020 – 50039
Teams Sharing – TCP & UDP – 50040 – 50059
Teams UDP – 3478-3481
1. Add separate service objects and group them together in a service group that can then be used in an Firewall access rule as the service.
Please refer to How can I configure Service Objects? for more details on service objects and groups.
On LAN to WAN rule, excludes these ports under Destination from being inspected against all security services which might cause delay or disruption or quality issues with audio/video services.
2. Disable DPI under security profiles which might cause delay or disruption or quality issues with audio/video services.
You can refer to the following link on how to disable DPI on an access rule How To Disable DPI For Firewall Access Rules
NOTE: If you are still experiencing dropouts, you can perform a packet capture while using the application so that the support team can help you investigate this issue further. Please refer to How Can I Setup And Utilize The Packet Monitor Feature For Troubleshooting? for more details.
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
UDP Flood protection:
UDP Flood Attacks are a type of denial-of-service (DoS) attack. They are initiated by sending a large number of UDP packets to random ports on a remote host. As a result, the victimized system’s resources are consumed with handling the attacking packets, which eventually causes the system to be unreachable by other clients.
SonicWall UDP Flood Protection defends against these attacks by using a “watch and block” method. The appliance monitors UDP traffic to a specified destination. If the rate of UDP packets per second exceeds the allowed threshold for a specified duration of time, the appliance drops subsequent UDP packets to protect against a flood attack.
The video conferencing applications utilize a large UDP packets for voice and video conferencing. So, it is essential to set a right value so that legitimate traffic does not dropped being flagged as a flood.
You can either disable UDP flood protection, or set a higher UDP Flood Attack Threshold (UDP Packets / Sec). The default value is 1000. Based on your environment you can increase this to 5000 or 10,000 and test what works for your setup.
To make these changes:
- Navigate to MANAGE | Firewall Settings | Flood protection | UDP tab.
- Either use the 'Enable UDP Flood Protection' checkbox to disable the feature completely.
- Or you can also adjust the 'UDP Flood Attack Threshold (UDP Packets / Sec)' value appropriately.
App control:
The application control feature includes signatures for various applications like Microsoft Teams, Zoom, Skype and they are spread in various categories.
- Navigate to MANAGE | Rules | App control tab.
- Make sure that all the signatures for the application are in disabled state for block. Use the viewed by: selected to signature to check the same.
Disable DPI on access rule:
Most of these applications use HTTP/HTTPS connections and then custom ports for audio/video connections.
EXAMPLE: Microsoft Teams uses the following ports:
Teams Audio – TCP & UDP – 50000 – 50019
Teams Video – TCP & UDP – 50020 – 50039
Teams Sharing – TCP & UDP – 50040 – 50059
Teams UDP – 3478-3481
You can add separate service objects and group them together in a service group that can then be used in an Firewall access rule as the service. Please refer to How Can I Configure Service Objects? for more details on service objects and groups.
The disable DPI excludes these ports from being inspected against all security services which might cause delay or disruption or quality issues with audio/video services.
You can refer to the link below on how to disable DPI on an access rule How To Disable DPI For Firewall Access Rules
NOTE: If you are still experiencing dropouts, you can perform a packet capture while using the application so that the support team can help you investigate this issue further. Please refer to How Can I Setup And Utilize The Packet Monitor Feature For Troubleshooting? for more details.
1. Online: Visit mysonicwall.com. Once logged in select Resources & Support | Support | Create Case.
2. By phone: please use our toll-free number at 1-888-793-2830. Please have your SonicWall serial number available to create a new support case.
If you do not have a mysonicwall.com account create one for free!
Related Articles
- How to block like/comment/post/share features of Facebook using App Rules
- How to block various YouTube features using App Rules
- How can I enable or disable SonicWall firewall management access?
Categories
- Firewalls > NSa Series > Networking
- Firewalls > TZ Series > Networking
- Firewalls > SonicWall SuperMassive 9000 Series > Networking
- Firewalls > SonicWall SuperMassive E10000 Series > Networking
YES
NO