Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Current pfSense (through to at least 21.05.2), SIP phone behind firewall, incoming call audio cuts out after 25-30 minutes, how to fix?

    Firewalling
    voip
    3
    6
    1.7k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tea
      last edited by

      I'm at a loss here.

      I have a VoIP phone behind a SG-3100, where the SG-3100 sits directly on the Internet and has a globally routable IP address. The phone is configured for accounts with several different VoIP providers.

      Incoming calls get through fine, and connect.

      So do outgoing calls.

      I have two-way audio during the call.

      Outgoing calls are perfectly unproblematic for however long I'm on the phone.

      Incoming calls, however (that is, when someone calls me) work fine only for the first 25-30 minutes (the exact amount of time seems to vary slightly, but it's usually pretty close to the 27 minutes mark), at which point audio completely disappears in both directions. The phone still considers the call to be connected, but I can no longer hear the person I'm talking to and the person I'm talking to can no longer hear me. The solution is to hang up and for either party to redial.

      I have tried changing various settings including "Firewall Optimization Options" (currently set to Conservative) as well as increasing State Timeouts in the advanced configuration settings. The pfSense state table is nowhere near full, usually hovering at a few percent reported utilization.

      On several occasions when this has happened, I have checked the firewall logs, at which time there has been nothing whatsoever relevant there. Lots of dropped traffic (background noise of the Internet these days) but nothing that I can correlate to either the phone call itself or the fact that audio stopped working in it by time, IP addresses or ports.

      I have tried making various adjustments in the phone administration interface, including ICE/STUN, UDP/TCP for server connectivity, RTP ports (with or without port forwarding in pfSense), server expiry, keep alive type, rport, session timer, session expiry, session refresher (UAC/UAS). Nothing seems to make much of a difference for this, but maybe I just haven't hit the magic combination yet.

      It's hard to troubleshoot this and try various changes because someone has to actually call me for the issue to arise, and it only shows itself after almost half an hour. Let me emphasize that outgoing calls work perfectly fine.

      I really don't want to put the phone unprotected directly on the public Internet.

      Any suggestions for how to solve this would be greatly appreciated.

      KOMK 1 Reply Last reply Reply Quote 0
      • KOMK
        KOM @tea
        last edited by

        @tea What do you have for System - Advanced - Firewall & NAT - Firewall Optimization Options? If set to Normal, try Conservative.

        T 1 Reply Last reply Reply Quote 1
        • T
          tea @KOM
          last edited by

          @kom said in Current pfSense (through to at least 21.05.2), SIP phone behind firewall, incoming call audio cuts out after 25-30 minutes, how to fix?:

          @tea What do you have for System - Advanced - Firewall & NAT - Firewall Optimization Options? If set to Normal, try Conservative.

          As stated in the original post:

          I have tried changing various settings including "Firewall Optimization Options" (currently set to Conservative)

          KOMK 1 Reply Last reply Reply Quote 0
          • KOMK
            KOM @tea
            last edited by

            @tea Duh, sorry my eye skipped over that.

            1 Reply Last reply Reply Quote 0
            • D
              danievr
              last edited by

              @tea Have you fixed it? Things you could try: NAT keepalive of 15 seconds; Register Expires 30 secs; If supported, use TCP instead of UDP; If your calls are proxied through your provider's servers, they might terminate the call based on policy. dslreports.com has a lot of info on VOIP.

              T 1 Reply Last reply Reply Quote 0
              • T
                tea @danievr
                last edited by

                @danievr said in Current pfSense (through to at least 21.05.2), SIP phone behind firewall, incoming call audio cuts out after 25-30 minutes, how to fix?:

                @tea Have you fixed it? Things you could try: NAT keepalive of 15 seconds; Register Expires 30 secs; If supported, use TCP instead of UDP; If your calls are proxied through your provider's servers, they might terminate the call based on policy. dslreports.com has a lot of info on VOIP.

                It turns out that this most likely was something in the interaction between the particular VoIP phone and the particular IP telephony provider through which I received most of my incoming calls.

                For reasons unrelated to this issue, I ended up needing to switch VoIP providers. Having made the minimum changes necessary to connect to the new provider (essentially server and authentication details), the problem seems to have disappeared.

                I wish I knew what the actual problem was, but at least it's working for me now.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post