Firebox sending back phone traffic after moving from 12.0.1 to 12.5.4

We bought new fireboxes (M470) to replace our current ones (M400). I copied the config from the old to the new so they are identical except the fireware OS, the new box is 12.5.4 and the old is 12.0.1. The phones are managed by an outside vendor.
The phones communicate to the vendors server outside our network.
When I moved to the new firebox, everything worked except the desk phones. We have conference room phones that functioned normally. They connect to the same server as the desktop phones but they are on a different subnet. After running a packet trace, we noticed the firebox was sending the packets back into the network. The packets were also not tagged. The WatchGuard tech and our phone vendor worked on this issue for 4-5 hours but do not know why it's not working. The WG tech said it might be related to a change in the fireware versions (because the box is so behind) and/or could be the tagging in our network. I may need to configure tagging on the trunk port in the switch. Does anyone have any ideas? Thanks in advance.


  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @SandyD

    The firebox won't generally send traffic back to the source network -- but the switch it's attached to may. Were there any static MAC/ARP entries on the switch to facilitate anything? The MAC for each interface would have changed with the firewall upgrade.

    If you can let me know what case number you're working with, I can ask the support team to take a look and escalate the case if needed.

    Thank you,

    -James Carson
    WatchGuard Customer Support

Sign In to comment.