I have a persistent issue with my SIP trunk registration and would appreciate any advice.
Setup:
I use a single SIP trunk: sip:sip.alice-voip.de:5060 for all my calls.
My Asterisk server is behind a pfSense firewall.
NAT rules forward port 5060 and all RTP ports (10000-20000) to my Asterisk server.
My public IP changes every day at 6 AM.
Problem:
Frequently, my trunk goes offline.
For troubleshooting, I run tcpdump -i any host sip.alice-voip.de in one terminal and pjsip send register O2_Landline in another.
When the trunk is offline, no SIP registration packets are sent out from any interface.
If I run fwconsole restart and then pjsip send register O2_Landline, packets start flowing and the trunk registers successfully. This works for a few hours or days, but eventually the problem returns.
The only way to restore registration is to reboot the server or run fwconsole restart.
What I’ve Tried:
Verified NAT and port forwarding rules in pfSense.
Confirmed that SIP and RTP ports are correctly forwarded.
Observed that my public IP changes daily.
Question:
Why does my trunk registration stop sending packets until I restart FreePBX or reboot the server?
Is this related to my changing public IP, NAT, or something else?
What can I do to make registration reliable without manual intervention?
Check your pfSense firewall configuration and make sure you are using the suggested setting for VoIP
Also, if your IP consistently changes everyday at a fixed time, you should consider scheduling a firewall state kill after the IP changes to flush firewall states.
You may also want to associate a dyndns to your public IP, as asterisk needs to know it in order to work correctly when NAT is involved.
Even with dynamic DNS, the default settings can mean it can take up to 5 minutes to recover from a gratuitous IP address change. The best option is to find a better ISP. One theory is that they do this to stop people running servers on consumer/micro business accounts.
The 5 minutes is to refresh the IP from DNS. Potentially it can take much longer for a re-registration to become due.
I use noip.com on my home system, because I have a dynamic IP that changes sometimes. The have a linux update client. I run the linux client on my linux file server (Rocky Linux 8), but I am sure it would run on freepbx as well. I use didforsale.com for my sip trunk, and they have a place where you can specify your IP and you can put a host name in there. Then if they cannot reach your server they will look it up again and send a SIP invite on port 5060 and build the connection to the trunk again. It can take a few minutes for the IP/DNS to update though.