Hello everyone - have a super strange issue occurring at a few offices that I support. Users are able to receive inbound calls without any issues but are having some outbound call issues. When they place calls outbound they are able to hear the ring-back tone however, when the person on the other end answer the phone they can’t hear them. It’s just silence. I had the users reboot phones and I also rebooted the PBX but that didn’t resolve the issues. I didn’t make any changes on our Firewall or PBX so I figured it was only right to raise a trouble ticket with Vitelity.
Vitelity said and I quote “Our dev team migrated our outbound servers to our new platform last night, which utilizes a new RTP port range of 16384 to 36385 UDP”.
I logged into our firewall and saw that we had previously whitelisted RTP ports 10,000 to 20,000 so I changed the port range to what Vitelity specified but the issue persists. I’m posting here as I am hoping someone else on this forum has Vitelity and might also be experiencing this same issue. Any help would be greatly appreciated.
Your original firewall port range setting was correct, it must match what you have set in Asterisk SIP Settings for RTP. They are advising you of their port range which you only need to concern yourself with for OUTBOUND firewall rules (if you have any).
Do you restrict RTP inbound by IP? If so, you probably need to update that list or open to world.
Yeah, saw that. His issue is exactly the same as mine however his SIP trunk provider is talking about internal IP not sending an ACK back" which I don’t believe it the issue I am experiencing.
He also states that his “fix” was to add the additional RTP ports to his router. Doesn’t go into detail what those additional RTP ports were.
I don’t believe we are restricting inbound by IP, where exactly should I be looking for this info? On my PBX system or on our Firewall? The issue is not with inbound though it’s with outbound calls. I have one office working completely fine but four other offices having the same outbound call issue. All offices are running the same versions of PBX and Firewall software versions.
From this it’s not clear who hears who, RTP is being blocked almost certainly at the site firewall, but which direction is being blocked, RTP inbound to the PBX, or RTP outbound from the PBX to the provider?
RTP outbound from the PBX is the issue. If I were to call you right now from my office, I would hear the ring-back tone. If you were to answer the phone - I would hear nothing but silence on my end. Hopefully this makes sense?
This is from Vitelity. Currently I have the following codecs enabled ulaw, alaw, gsm, g726 and g722. The engineer from Vitelity said he recommends using g711u, g711a or g729. I only see an option for g729.
Jordan,
Below is the invite we discussed over the phone where we are being redirected to an alternate IP for SDP, and multiple codecs we do not support:
Hearing ringback is irrelevant, it’s simulated not received as RTP.
ulaw = g711u
You can disable whatever codecs you want from Asterisk SIP Settings and keep ulaw, I doubt this is your issue. I suspect that RTP from 97.99.240.112 is being blocked at the site (not the) firwall.
In your router/firewall, forward UDP from any IP and port, with destination ports 10000-20000, to the private (LAN) IP address of the PBX. If you still have trouble, confirm that the WAN interface of the firewall is the 97.99.x.x address.
I have asked Vitelity to supply another call invite because the one that he supplied was from our PBX here in Dallas and at this office I have no issues calling outbound. The WAN for our firewall here in Dallas is 66.64.x.x and the NAT Settings in PBX are showing 97.99.240.112 so that’s a little odd to me.
The site we are having issues with has the WAN Firewall as 216.215.x.x and on the NAT Settings on the PBX are identical showing 216.215.x.x
This is the most recent update I have from an engineer at Vitelity.
"I have attached to this ticket the SIP ladder for your call example. It looks like there were a couple calls made at the same time and I wasn’t able to separate them out of the ladder.
I can see that we’re sending you RTP streams from 64.2.142.189 on both calls, one from port 25890 and the other from port 19184
Mark"
I find it strange they state they are sending RTP streams over ports 25,890 and 19,184 because I changed the RTP port range back to 10,000 to 20,000
We are contacting you as your account has been identified as being migrated to the new platform and we wanted to advise you at this time you’ll need to update your accepted RTP ports.
New port range is 16384-36385 (previous port range 10000-20000)
Should you need to contact us or open a new case, please call +1-888-898-4835 or, log into your portal and submit a support ticket.
I told them in an email about three hours ago, that I had not received any notice of port changes and that making global changes without notifying users was careless…
Looks like they sent out an email doing just that after I said something,
Stranger thing is, it calls T-Mobile just fine, but calling AT&T it fails.
They’ve always done this. They’ve added required networks for whitelisting without contacting users before. That being said, if you whitelist their IP ranges you shouldn’t have to do anything else.
Alright so I have an update - this morning I had seven offices that were having issues placing outbound calls. Once the call was connected - the call went silent and they were unable to hear the person on the other end (the person they were calling outbound to). Vitelity recommended initially that we whitelist the RTP port range of 16384-36385 (previously port ranges 10000-20000). I went ahead and applied those changes to both our PFSense Firewall as well as on our FreePBX system. The ticket was escalated to a higher engineer and he recommended that I try ports 10000-36385. That unfortunately did not resolve the issue the issue and I had to make one more change on our firewall which I will outline below. I ended up having to create an outbound NAT rule for vitelity outbound calls - after creating the NAT rule and resetting the firewall states I was then able to place outbound calls without any issues. I hope this helps other people out!
My only issue now is that I still have one site that is having issues. I was able to make the necessary firewall changes because the firewall appliance and software is fairly new. I was unable to make any changes on the PBX in regards to RTP port ranges because it’s a super old version of FreePBX (version FreePBX 2.9.0.15). Under Asterisk SIP Settings I am not seeing any changes I can make that have to do with the RTP port range.
edit: you’re able to edit RTP configs on older versions of FreePBX using WinSCP and navigating to the appropriate directory.