Forwarding calls are muted

Hi all!

I have realized about one isue, that happens to different Freepbx systems I have working. Those systems work with a SIP trunk each. Inbound calls and outbound calls work perfect, sounds good and everyting seem to be fine.

The problem starts when I forward inbound calls to a ring group, where a mobile number is set. When a call is not attended, every calls are sent to this group with a number finished with"#". The call is transfered but when answered there is no sound in any way. 2 telephones are mutted.

It happens in different systems. Normal outbound calls to this mobile number work fine.

Any idea about this?

Regards

This is an old memory, and I may not be getting all of the facts completely straight, but when I had this happen to me, it was my firewall.

When you put a call on hold, the firewall can “forget” the connection and shut down the RTP route. When the call gets transferred to an extension, the stream doesn’t “start up” again (the SYN flag doesn’t fire) so the firewall doesn’t establish a new connection to the remote end.

I ended up allowing all RTP traffic through the firewall that was intended for the phone server to just pass ON UDP ONLY. I also reduced the number of ports for RTP to a couple per phone so that I didn’t “as big” a gaping hole in the firewall.

If you use this, the trick is to allow traffic from anywhere “that’s going to the phone server” to pass without being blocked. I had about 40 phones on the network, so I chopped the 10000 to 20000 range down to 10000 and 10200.

As I recall, it helped.

Thank you cynjut, I 'll try it but, what about the risk to be attacked? RTP conections can expose my FREEPBX to a risk?

I’ll create a rule in the firewall to allow rtp connection only from my sip provider’s IP. May be in that way won’t have security problems.

I’ll post results. Best regards.

Damn! It doesn’t work for me :frowning:

Any idea?

RTP can come from anywhere, so opening it just to your SIP provider isn’t going to be as satisfying as one would hope.

The reason I cut the range down was to reduce the threat window. I also added a rule that said that those ports would be forwarded ONLY to the phone server.

Already changed to forward all rtp trafic from anywhere, but still doesn’t work.

I’m thinking it could be a provider isue. I’m waiting for an answer. I have realized it’s happening in more systems with same provider. And it worked before.

I will report provider answer.

Thank you!

In FreePBX try going to Settings, Asterisk SIP Settings and at the bottom in the Other SIP Settings, add a line that says:

progressinband=yes
3 Likes

YEEESS!!! It works with progressinband=yes!! (…or it seems to be working for now).

Is this a provider issue? CAn anyone explain what is happening?

lgaetz, thaks a lot!! Thanks a lot to everybody!!

1 Like

A more secure way of doing things:
If you’re running OpenBSD firewall:
set timeout udp.multiple 1200

or more specifically (so only SIP connections get held open for longer):

pass in log on $ext_if proto udp to pbx-box port 5060 keep state ( udp.mult
iple 1200 )
pass in log on $int_if proto udp from pbx-box to port 5060 keep state ( udp
.multiple 1200 )
pass out log on $ext_if proto udp from any to port 5060 keep state ( udp.multipl
e 1200 )

In either case, wht yo’re doing is remembering UDP traffic for longer (20 minutes, in this case) – so that, when it starts up again, it’s not been forgotten. It also rembers NAT port assignments, which can be even more important.
Other firewalls should have similar settings capabilities.

Thanks darkonc, this information is very helpfull.

Actually I’m using simple ruter/firewalls with tomato firmware (ddwrt kind of).

I’ll investigaste if it’s possible to solve.

Best regards!!

Well. My router’s tomato firmware pannel shows two options on UDP Time Out Settings:

Unreplied=30s
Assured=180s

Which value do I have to change?

Regards.

assured probably needs to be upped – long enoug to survive any timeouts. I used 20 minutes (1200 seconds). other values may work for you.