I have a series of remote extensions that I connect to FreePBX via the use of OpenVPN connections. The OpenVPNs are anchored to the firewall (pfSense), not to FreePBX.
ExternIP is set to the external IP of the firewall. Local subnets and all OpenVPN subnets are all added as local IPs in the settings via the use of a /16 subnet.
The SIP signaling works fine, but the RTP traffic is sent to the public IP of the phone/computer instead of the OpenVPN IP, so my calls have no audio.
I currently have two remote extensions where this should work. One (from my phone) works fine. One (from my laptop) doesn’t, and just sends the RTP traffic to the remote IP.
I have compared the setups for both extensions in the FreePBX WebGUI and they both would appear to be the same.
The research I have done to date suggests using custom NAT, or some kind of forwarding to solve the issue. This pfSense is an anchor for numerous VPNs (and is about to be responsible for more) so I can’t forward all ports to the roadwarrior, as others will need the same functionality.
I have tried connecting the roadwarrior VPN at two separate locations to ensure an interim firewall wasn’t causing the problem. The problem exists both times.
NAT is set to yes in the FreePBX settings.
Any help appreciated, let me know if you need any more info.
This is currently a service killer for me, and I can’t for the life of me work out what’s happening. 3 days is enough, so time to ask for help.
I just tried setting it to No real quick - and no dice.
Interestingly enough, when I say the SIP traffic is sent to the public ip, it is sent to the IP of the first ethernet device. At work, the address is 10.0.1.x, at home the address is 192.168.0.x. So rather than being sent to the external IP of the network, it’s sent to the address of the first NIC. Not sure if this changes anything, but it just seems its getting confused about which address it should be sent to - it should be the OpenVPN allocated IP.
Okay, I have tried all the different NAT types on the extension itself, reloaded the PBX, and nothing seems to change between each one. It’s still trying to send the RTP traffic to the machine’s LAN address, instead of the OpenVPN interface.
Could this be a bug in the system? Either than or I guess the pfSense router could be causing the problem, but the other extensions that I use don’t seem to be having the same trouble, so I’m hesitant to think it’s this.
It was the softphone. SFLphone, despite working fine in the past, doesn’t work in this setup.
I mucked with all the settings, and could not get it to work properly.
I have now changed to zoiper (the only reliable softphone I know of) and audio came through a treat on my test setup.
Now to work with the production environment, I’ll post back if anything changes.