8x8 Community

My Services Express Jitsi as a Service 8x8 Connect 8x8 Work for Web

Configure WatchGuard XTM 21 Series Router

Objective

Configure a WatchGuard XTM 21 Series router for use with 8x8 services.

Applies To

  • Watchguard XTM 21

Procedure

The purpose of this article is to provide a sample configuration. At the time of article creation, this device was in a known working state on the firmware used. 

Keep in mind different firmware versions will interact with hosted VoIP services in different ways. While this device may be fully functional on the tested and/or current firmware version, it is possible newer revisions will cause disruptions in service or make a device fully compliant with the required settings for hosted VoIP services where it was previously not.
Note: Traffic Shaper / Bandwidth Management does not appear to actually set reserved traffic as specified.
watchguard.png

Administrative Information

  1. Make sure your router is powered on and connected to your network.
  2. In a browser on a computer on the same network as the router, navigate to the following IP address: 10.0.0.1:8080.
  3. Log in (default credentials shown below).
    • Username: admin
    • Password: readwrite
Tested on firmware version 11.2.B257005.
Adding/editing 8x8 subnets is recommended when available. See X Series Technical Requirements for information on Network Requirements.

Firewall Configuration

  1. Go to Firewall > Firewall Policies.
  2. Click Add to add the policies highlighted below.

Add Aliases (8x8 Servers)

Note: 8x8 subnets (server addresses) can be found in the  X Series Technical Requirements  document.
  1. Go to Firewall > Aliases.
  2. Enter 8x8 Servers in the Alias Name and Description fields.
  3. Add the 8x8 subnets by clicking the Add Member button. 
  4. Click SaveB.

Configure Policies

  1. Go to Firewall > Firewall Policies.
  2. Add a Policy and go to Policy Configuration > Policy.
  3. Name the policy 8x8 and check the box to Enable it.
  4. Set Connections to Allowed.
  5. From Any-Trusted.
  6. Add 8x8 Servers in the To field
  7. Go to the Properties tab.
  8. Enter information for the ports as seen below.
  9. Check the box next to Specify custom idle timeout and set to the timeout to 300 seconds. This helps to prevent dropped calls. 
  10. Go to the Advanced tab.
  11. Select the options below to enable the following in the NAT section:
    • 1-to-1 NAT (Use Network NAT Settings)
    • Dynamic NAT
      • Select Use Network NAT Settings
  12. Click the checkbox next to Override Per-Interface Settings.
  13. Set the following values for QoS:
    • Marking Type: DSCP
    • Marking Method: Preserve
    • Prioritize Traffic Based on: Custom Value
    • Value: 7 (Highest)
  14. Click Save.

Traffic Management Policies

  1. Go to Firewall > Traffic ManagementPolicies.
  2. Add a Traffic Management Action called 8x8 Minimum.
  3. For the 8x8 Policy, select 8x8 Minimum as the Traffic Management Action.
  4. Click Save.
     

Configure Traffic Management Action Settings

  1. Go to Firewall > Traffic Management > Action Settings.
  2. Set the Outgoing Interface, Minimum Bandwidth, and Maximum Bandwidth to the values listed below.
  3. Click Save.