I am not sure if this is a good place to discuss this, but I tried Digium support and got back answers that dont fix the problem.
If you host FreePBX with rentpbx or other cloud company like the Amazon AMI image Ward Mundy published for IncrediblePBX, theres a good chance that Digium phones will be all considered “remote” and behind a firewall.
For the life of me, I cannot find any docs anywhere that talk about enabling and/or adjusting a keepalive value/timer when UDP is used.
Also, when I asked the Digium support (and submitted a feature request), I was lectured about how (in his opinion) no other phones support this feature, and is therefore unneeded.
His suggestions were:
Adjust your firewall to a higher UDP timeout.
30 seconds for a UDP timeout is unusual. (Not so unusual in Sonicwall, PIX/ASA, Mikrotik RouterOS, etc)
Set Asterisk extension to expire session less than 30 seconds
Set qualifyfreq less than 30 seconds in Asterisk.
As far as I know:
All versions of SPA5xa/SPA9xx/Sapura/Linksys/Cisco Phones and ATA’s all have keepalive available and default to 20 seconds… Not sure why, perhaps that company expects udp timeouts to be 30 seconds by default on firewalls?
Also, Grandstream phones/ATA’s have this option.
Also, Polycom phones have this option.
Also, Snom phones and cordlesses have this option…
I think I even recall seeing it in my Aastra 5xxx phones…
Allworx proprietary SIP phones have it…
Shoretel proprietary SIP phones have it…
Cant figure for the life of me why Digium does not?
So, being a crafty devil, I switched them to TCP.
Oooops.
Solves my lack of keepalive problem without any other funky workarounds but causes a new problem that even Digium admits.
In TCP mode, the “Reconfigure” option in DPMA doesnt work since it only sends out its reconfigure message by UDP.
Unless Digium has or provides a NAT keepalive option, or Digium does “reconfigures” by TCP when the extension is configured to use TCP there are about 2 options I can see for remote Digium phones.
- Use Digium Phones/DPMA/FreePBX in UDP mode and one of the workarounds to fake a keepalive or extend the firewall’s udp timeouts. (Which in a large enough network, can quickly run out of UDP translations… Doh)
or
- Use TCP mode and live with the fact that the reconfigure option will never work with remote Digium phones behind firewalls.
Also, using the TCP option with a Digium remote phone causes the visual voicemail to not show any messages in your inbox when in fact the light is blinking and there is voicemail. For this issue, you can use the *97 FreePBX feature code, or reboot your phone and the visual voicemail works for a period of time before it fails again.
Lastly, I requested (using the feature request email) for Digium phones/DPMA to support provisioning STUN/TURN/ICE and their response was “This wont help your NAT issue”.
Which of course I was already aware… I simply was requesting the feature…
Of course, with the NAT Comedia mode of Asterisk now, there is almost no need for STUN/TURN unless its the only way for the endpoint to automatically know it needs to send keepalives on UDP sip sessions…
Am I missing any other workarounds?