Google Cloud + FreePBX Responsive Firewall

Hi all,

I’m having an issue that I can’t quite figure out. I have deployed a cloud-hosted PBX and I am experiencing one-way audio. When I make an outbound call, I can hear the other end, but they cannot hear me. My machine has a single network interface (eth0), which is assigned an internal IP address. My remote extension has nat=yes setup and I’m using PJSip.

If I disable the firewall (fwconsole firewall disable), I don’t have any issues. If I change the default zone for eth0 from Internet to Local, that also fixes the issue, but I’m fairly certain setting it to local isn’t the correct way of setting up the firewall. I have also added the remote extension IP ranges to networks and configured them as “Trusted (excluded from firewall)”.

All other aspects of the PBX are standard (RTP 10000-20000, PJSip 5060, SIP 5160, IAX 4569). Under Asterisk Sip Settings, the external IP address is correctly detected and filled in, and I have the IP address of eth0 listed under local networks (it’s a static assigned IP address).

Any guidance would be greatly appreciated!

I have:
System Firewall: on.
Responsive Firewall: enabled.
Interface (eth0): Internet.
Network/Host: Trusted (excluded from firewall) for all extensions and SIP providers.

Dis you set firewall rules for your GCP VM? allow 5060, 5061, 5160, 5262, 5161, 10000-20000 for extensions and SIP providers.

Hi Moussa- first off- THANK YOU for the guide you put together for GCP. It was truly helpful! I’ve read many of your posts on this form and have learned a lot from you. :slight_smile:

The GCP firewall is setup properly as I’m able to receive phone calls when FreePBX firewall is disabled. I just went through and made a few changes and things seem to be working again. This may have been caused by the fact that I restored a backup from an existing FreePBX install. I changed PJSip to port 5060-5061, SIP to 5160-5161 (originally they were swapped), in PJSip I disabled and re-enabled UDP transport, updated my extensions to connect at port 5060 for PJSip. After these changes, I went through the firewall wizard again, and set eth0 to internet, and things are working perfectly now.

Not quite sure what part of those settings was incorrect, but I’m happy it’s up again. I have also restarted the machine as well to make sure everything works on a fresh start.

1 Like

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.