Registered phone can get calls but cant make calls

I have a weird problem. I assume its firewall related since it happened after I moved the phone to another network.

I have a Grandstream GXP2170 thats in an office offsite. I have about 20 extensions there working fine including this extension. My PBX is running on a virtual server in another state. All the phones work without issue. I move one phone to a home office. I can call this extension from any other without any issues and carry on a conversation without issue. If I try to make an outbound call i get an error message “no response” on the display and a busy signal. In free PBX I can see the extension is registered and everything looks normal from all perspectives I looked at. The home network is a high speed fiber (FiOS) from verizon and I checked he firewall and it has an outbound policy of allowed and an inbound policy of reject. I assume this means it allows all outbound connections but rejects “unsolicited” inbound connections (remember, if I call the extension it works fine). I have another office also with Verizon FiOS and same firewall) which works in and out no problem?

  • I have updated the firmware on the GXP2170 with no difference
  • I have verified the IP of the home office is in my whitelist.
  • Endpoint manager shows the extension as registered (with the IP thats on my whitelist).
  • When the extension is trying to dial out, I see nothing in the asterisk log
  • Firewall has no restrictions on outbound connections
  • This extension (109) cant call any other extension or outside number
  • If I reboot the extension (109) I see the phone “unreachable” in FreePBX logs, when it boots up is see “109 now reachable” in the log
    Distro freepbx 14.0.11 (asterisk 13.22.0), basic setup all I did was add extensions (PJSIP) and SIP trunk.

Suggestions? What else should I look at?

I am guessing that this is a SIP ALG issue. If your FiOS router allows you to disable ALG, try that. On some, you can’t; see .

Possibly, you can work around the issue by using non-standard ports. On the GXP, try changing Local SIP Port from 5060 to e.g. 5080. If no luck and pjsip is listening on port 5060, try setting up the extension as chan_sip on port 5160 (or whatever Bind Port is set to).

If still no luck, do a packet capture on the Grandstream to confirm that a proper INVITE is going out. If so, run tcpdump on the PBX to see what, if anything, is coming in. If the FiOS router is garbling or dropping the INVITE, possible workarounds include a VPN connection (OpenVPN built into phone and PBX) or using SIP over TCP or TLS.

Yes my PJSIP is 5060 and my SIP is 5160. I will check into that. Do Grandstreams have VPN? I’ll have to research that. I see there is a few port forwarding rules for Xbox in the firewall, let me look and see if any of them are using a VoIP port?

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.