Have a sangoma s500 and s705 phones at a remote workers home, connected to a hosted freepbx server 14.0.13.24. Phones are on the latest firmware. They are behind a zyxel usg20w-vpn firewall and using Sprint cellular service cradlepoint modem. The phones keep losing their sip registration. They are using chan sip. Portal redirection is setup. The phone pulls the config fine over tftp but the sip registration fails. If you factory reset or restart the phone several times, it will eventually register. But we need to get to the bottom of this and figure out why they lose registration.
Cellular modems tend to change WAN IP addresses more frequently vs. cable/DSL. If that is the case here, then reducing the SIP registration period might help you.
They have a static ip. Lost registration an hour ago. Tried using https registration and it registered for a few minutes then dropped out again. Turned off portal redirection, exported phone config to an xml file and modified the file to register via ip address instead of fqdn. Also changed registration time from 15 to 90minutes. Now it just became unregistered again.
And they are coming in over VPN so the PBX only sees the private IP of the phone ?
Does ICMP from PBX to phone run clean during these outages – eg. using “ping -c 1000 PH.ONE.IP.ADDRESS” command at a GNU/Linux shell prompt shows no issues ?
Given the static IPs, another option might be to set up some selective port forwards, to only allow those statics in, on UDP 5060 for example, which could make the SIP registration step less necessary (helpful if the phone itself is borking the process due to background cosmic radiation 
More generally, and whenever possible, limiting inbound traffic to static IPs on your PBX software firewall is going to make for better security.
That may be seconds in the field you changed not minutes ?
Assuming low-traffic environment, try 45 seconds, to keep the port open.
There is no vpn. There is firewall rule to only allow traffic from pbx ip to the phone. I enabled ping on the router but it times out and the router firewall log doesn’t show any logs for it.
“Something” probably the firewall or the Cradlepoint is killing the live sessions.
Try to look in both devices for “SIP ALG” or “SIP Helpers” and disable it.
We have identical setups that work fine. In fact the main office for this customer is on the same setup and those phones are fine.
Something is obviously different… Did you check those settings? Different firmware version maybe?
Found the issue is the Sprint service dropped down to a very poor connection, from a 12x3 to 1x.3, and latency was too high. Ended up going with a fixed wireless service to resolve.
1 Like
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.