FreePBX, PFSense 2 and IAX Weirdness

I have aproblem thats driving me nuts, in fact I’m beginning to think its something silly hardware wise so while I wait for any responses I’m setting up a VM to see how that works.

I have two sites…

Site A, main office. PFsense 2 box running PPPOE over a BT fibre line. FreePBX latest version all updated and patched running a handfull of Cisco 3911’s 3CX softphones. 2 inbound/outbound SIP trunks to a provider, 1 FXO port brining in a POTs line. ALl works an absolute treat. Softphones connection over L2TP work too.

Site B, remote office, same FreePBX ver, again, all patched and up to date. 3 soft phones, nothing else at all. Dlink E3000 router and Vermin Media connection

Both setup at SiteA, tested with both units on local LAN, worked a treat with SiteB’s box able to make/receive calls via SiteB. IAX2 trunk between them.

Put them in situ and it all goes pear shaped. Site A connects to Site B, can call Site B’s extentions all as it should be. Site B cant do anything, the IAX2 trunk back never comes up showing as unreachable.

a LOT of debugging has been done down to now narrow it down to something Site B’s box is doing. UDP packets leave, arrive at the PF sense box, hit the port forward and then never leave. However using the exact same setup ut with UDP packets generated by myself, they arrive at Site A’s NIC. I did have some bad checksums from Site B, I’ve knocked out the TCP/OE on that machine and thats gone, otherwise the packets look OK. They just never make it out the PFsense box. I can (using my own UDP port forward tester) point the forward at anothe machine and send HUGE amounts of data over without a single dropped packet so its somthing Asterisk is doing thats creating packets PFsense drops. Any thoughts?

Solved*
I dont yet know WHY but its the hardware thats to blame, the VM was up and running in minutes with no changes at all. This was a test setup and the remote site was a Dell Inspiron 1525 and there is obviously something just not right about its nic.

I would still build a vpn between the pfsense boxes. Make sure to mark the Voip traffic as priority. Remember with a vpn house have true end to end QoS if you don’t over subscribe the Internet connect.

Only one PFsense box, the Dlink cant do VPns, though I might move it onto DD-WRT. The remote is going over to Fibre in a few weeks at which point it’ll go over to PFSense or Smoothwall as theres already a Smoothie on that site.

Verified it all works this morning, just wondering how long it’ll take my partner to realise that theres a VM running on that machine, probobly soon as she tries to fire up FarmVille (Bleh)

Part of me wants to know what that Dell was doing to the packets.