I have realized about one isue, that happens to different Freepbx systems I have working. Those systems work with a SIP trunk each. Inbound calls and outbound calls work perfect, sounds good and everyting seem to be fine.
The problem starts when I forward inbound calls to a ring group, where a mobile number is set. When a call is not attended, every calls are sent to this group with a number finished with"#". The call is transfered but when answered there is no sound in any way. 2 telephones are mutted.
It happens in different systems. Normal outbound calls to this mobile number work fine.
This is an old memory, and I may not be getting all of the facts completely straight, but when I had this happen to me, it was my firewall.
When you put a call on hold, the firewall can “forget” the connection and shut down the RTP route. When the call gets transferred to an extension, the stream doesn’t “start up” again (the SYN flag doesn’t fire) so the firewall doesn’t establish a new connection to the remote end.
I ended up allowing all RTP traffic through the firewall that was intended for the phone server to just pass ON UDP ONLY. I also reduced the number of ports for RTP to a couple per phone so that I didn’t “as big” a gaping hole in the firewall.
If you use this, the trick is to allow traffic from anywhere “that’s going to the phone server” to pass without being blocked. I had about 40 phones on the network, so I chopped the 10000 to 20000 range down to 10000 and 10200.
RTP can come from anywhere, so opening it just to your SIP provider isn’t going to be as satisfying as one would hope.
The reason I cut the range down was to reduce the threat window. I also added a rule that said that those ports would be forwarded ONLY to the phone server.
Already changed to forward all rtp trafic from anywhere, but still doesn’t work.
I’m thinking it could be a provider isue. I’m waiting for an answer. I have realized it’s happening in more systems with same provider. And it worked before.
A more secure way of doing things:
If you’re running OpenBSD firewall:
set timeout udp.multiple 1200
or more specifically (so only SIP connections get held open for longer):
pass in log on $ext_if proto udp to pbx-box port 5060 keep state ( udp.mult
iple 1200 )
pass in log on $int_if proto udp from pbx-box to port 5060 keep state ( udp
.multiple 1200 )
pass out log on $ext_if proto udp from any to port 5060 keep state ( udp.multipl
e 1200 )
In either case, wht yo’re doing is remembering UDP traffic for longer (20 minutes, in this case) – so that, when it starts up again, it’s not been forgotten. It also rembers NAT port assignments, which can be even more important.
Other firewalls should have similar settings capabilities.