Ports are there and single device behind the firewall. I did adjust the timeout to conservative still no audio either way. Thanks guys for the assistance!
Does your provider proxy media. Or do they do direct audio to their ULC. Most providers dont proxy media and require you to open 10K-20K to the world.
Try it with those wide open for 5 minutes and see if it works.
At the Asterisk command prompt, type
pjsip set logger on
sip set debug on
and make a test call.
Confirm that the SDP in the INVITE has your correct public IP and that the SDP in the provider’s response has an address passed by your firewall.
I don’t see that option from the command line my friend. I would like to know as well after the firewall change my SIP provider said it would be a minimum of $300 for a block of hours to troubleshoot. And I am thinking it has to be something simple. I am almost tempted to buy another router (Asus) and just do the port forwarding to test.
I have no idea I did this as POC to see if I liked it and to administer and now it has become something of an issue trying to get to work. I read somewhere that I could just NAT my Freepbx on the system itself and it would work. Honestly I am almost tempted to start from scratch…
I do want to thank everyone for their assistance I work in the technical field and only had to deal with Mitel boxes so I didn’t really need to handle most of it our vendor did. But Freepbx caught my interest. Again thanks I know I will get it figured out eventually.
I ran an asterisk -rvv I can hear a dial tone when picking up my headset (Sangoma s505) but after it dials out no sound. I leave everything connected then the make call after a bit of time it just drops.
please see attached
There’s some good documentation on the pfSense website:
I had FreePBX working for many years with pfSense. I suspect your issue is actually how you have configured your pfSense NAT or firewall rules rather than FreePBX. The pfSense forums may be a better place to get help.
- Try connecting a phone to the WAN (before) of pfsense and see if the phone work.
- If you are using Chan-SIP extension make sure NAT Mode is set to Yes
- Do you have pfBlockerNG? if so see if it is blocking the phone / FreePBX. Try to disable it and see if things work
Thanks sorry for late reply will look more into that. My experience has been on F5 and Checkpoint firewalls I just like PFsense I will definitely look again.
@gsiemon looking into those videos and docs now thanks so much. Hope this resolves it (fingers crossed).
So I watched the youtube video and I had all those setting already on my pfsense from the PfSense troubleshooting guide. ;(
When I dial in I get no audio and the following: Using SIP RTP TOS bits 184
== Using SIP RTP CoS mark 5
Seriously have you just tried opening 10K to 20K and to the world and forwarding them for like 5 minutes? Or who is your provider…someone will be familiar with whether or not they proxy audio. But you get no audio and you don’t have your audio ports open. So…just open them to the world for like 5 minutes and see if it works.
Lack of RTP activity. That would be ports 10K-20K. Almost all reputable providers just do signaling they don’t send the audio. The audio comes directly from Level3, or who ever they are sending the call to.
I will likely open to world to test. Been a crazy week but ready to get this resolved will try it out. And report back. Well editing this because I just did a test and opened to the world for source and source ports for RTP and it is working now… Now to work backwards and secure it.
Only thing I changed in role was the Source and Source ports everything else was the same*
So after troubleshooting I opened a ticket with my sip provider. First thing I found was the ip addresses for RTP weren’t in my alias list nor given to me by my provider. Secondly some of the request were out of the 10K -20K range. I asked my provider to put my account on hold until I could figure out last week as they suggested I paid for support. But having the time to look into this I hope that I get credited or something for this… Thanks all for the suggestions.
Vendor says I am the only person with this issue is it secure if I just open RTP because the SIP protocol is locked to vendor?
This is what ive been saying the whole time. Open 10K-20K to the world and youll be fine. It doesn’t matter what port the request comes from only TO…which they will negotiate with your box. RTP is open to the world for most of us who use a provider that doesnt proxy media. You dont want them proxying your media anyways. You want the media sent as direct as possible to the pstn.
Thanks so much for this and apologies for not doing this suggestion first :). But provider instructions had something different and prior on my Asus Router I only did those specific ports.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.