RTP issue for external phones

I can’t wrap my head around this. Our trunks are registered and working, as are our internal phones.

2 external handsets can make calls etc… but no audio. First thought is firewall, however, the firewall is configured to allow all inbound traffic on any port from the IP the external phones are on. Second thought is ALG, but its been turned off.

The extensions are set for NAT = Yes (force_rport,comedia)

I enabled RTP debug on the FreePBX server and saw this:
Got RTP packet from x.x.x.x:16518 (type 00, seq 015555, ts 1896205819, len 000160)
Sent RTP packet to (type 00, seq 050378, ts 1896205816, len 000160)

The PBX is sending the RTP packets to the internal IP of the handset. THis explains why its not working. But I cannot understand WHY…?

To make things even more confusing, one of our extensions is connected to a Yeastar MyPBX appliance which is registering itself using that extension (2999) as a trunk. Calls to that extension correctly get into the external PBX with two way audio - suggesting its probably not the firewall. That extension is configured in FreePBX exactly the same as the ones which are not working.

With the exception of the MyPBX, any external handset/soft client doesnt work.

Under Asterisk SIP Settings I’ve checked a few things:

External Address - is our correct public IP used by the FreePBX server
Local Networks - this is the internal network that the internal handsets are on (doesn’t explain the MyPBX)
RTP = 10000 - 20000

Chan_SIP Settings
NAT yes
IP Config static
Reinvite no

I’m cautious to change settings in here, because internal hand sets (and that one external PBX) are working correctly.

Can anyone give me any guidance?

I know this is likely not the case based on the info you’ve provided but have you looked at port rewrites?

We had a simmilar issue with traffic going through our pfSense firewall.