Failover WAN IP and NAT

I’m running 2.10 of the distro behind a sonicwall TZ-210. I’ve hacked on the firewall so much to get various things working properly that this weekend I finally reset it to factory defaults and rebuilt my configs from scratch to make things alot cleaner, and so I’d force myself to make some notes.

I have everything working as before, but find one thing I’m trying to accomplish a bit confusing.

I Have 2 Wan Connections, 2 ISP’s
I have sip Trunks from Vitelity, Routing to WAN 1, if unavailible to WAN 2
If WAN 1 is up all is well.
When WAN 1 Goes Down, Vitelity Routes Calls to WAN 2, PBX answers, I have audio from PBX to PSTN but not from PSTN to PBX. Call Disconnects after 30 seconds Due to lack of RTP Traffic

NOTICE[4140]: chan_sip.c:25002 check_rtp_timeout: Disconnecting call ‘SIP/vitel-inbound-00000479’ for lack of RTP activity in 31 seconds

I can Make calls Out from PBX but no audio either way.

NOW… I’m pretty sure this is a NAT issue, Because in Asterisk Sip Settings I have the Static IP as my WAN 1 IP.

My first question, can you have two static IP’s associated?

I assume selecting dynamic and using a DDNS provider and adjusting the timeout is 1 way to resolve it the issue. I have sysadmin Pro, and see the two entries Smart DDNS Address and External DDNS Name… is one of these what I should put as Dynamic Host in Asterisk SIP Settings, or signup for another DDNS service?

In ASterisk Sip Settings, the refresh rate can be keyed in, 30 seconds would be my preference… But in Sysadmin>DDNS Update intervals are 5min, 15min, and 1hr. When I set to 5min it reverts to 15 min Everytime. 5 Minutes is too long for a Failover… am I missing something here?

Can your firewall be set to update DDNS? I would expect something to update as soon as it notices a change, like my 7 year old Linksys does at home. Sure, it should use intervals to verify that it didn’t miss an update, but an update should be triggered when an IP changes.

Maybe look for a Linux DDNS client that you can run right on the Asterisk server to do this if it doesn’t make sense to do it in your firewall (or, if that’s not an option).

Yes… My firewall Supports DDNS… but how will that help me? I know what the IP’s will be, I’m not trying to remember them to connect to my server from outside.
Asterisk Needs the current External IP for NAT transverse of RTP Traffic. I need asterisk to know what that failover IP is.

Sorry, I guess I was thinking that you could set Asterisk to Dynamic and use an FQDN from like or similar, then have your firewall update when the IP changes. If your firewall is constantly connected to two ISPs, then it might be easier (less confusing all around) to have a Linux DDNS client update when it sees the external IP address changed – which would happen when you failover.

My theory is just basic networking and DNS. I don’t know if there would be any negative implications going this route, but I also don’t see why it wouldn’t work.

After re-reading your post, I just want to clarify that my suggestion was for getting around the 5 minute problem. If you can use something else to update that IP address instantly when it fails over, then set the refresh rate in FreePBX as low as you can.