Problem on VOIP on Site to Site VPN between Pfsense and Sonicwall

jhaayceeee

Hi Good day!

I would like to seek for your help since my e first site who uses Pfsense Firewall and the second site who uses sonicwall firewall are having some issue on the VOIP connection. It always been intermittent and continuous ping are having RTO (Request Timed Out) on random times. But as per checking, other devices like CCTV, Servers, Workstations (Computers) and Laptops doesn't have any problem. Both sites are using leased lines connections and the loads of internet are always monitored and it did not reach the peak bandwidth.

Hoping for your help to fix this issue.

We are using the following config below

Mode: Aggressive
Key Exchange Version: IKEV1
Encryption Algorythim: 3DES
Hash: SHA1
DH Group: 2
Lifetime: 86400

Keep Alive on Sonicwall: Disabled
Dead Peer Detection on Pfsense: Enabled

Thank you very much

lst_hoe

Maybe this one : https://redmine.pfsense.org/issues/7801

SIP is one of the known creator of fragmented UDP packets.

jhaayceeee

I read the link that you have provided? What is pf? Where to disable it and for the SIP, what I can do with it?

Thanks

lst_hoe

You don't want to disable pf because it is the "firewall" used by pfSense. The best choice might be to wait for 2.4.4 and hope it is fixed there.

jhaayceeee

Hi Hoe,

Please be inform that my issues has been resolved now. I have do the following methods.

1. Change the Firewall Optimization Options to "Conservative" on System > Advanced > Firewall & NAT (PFsense Side)

2. "Unchecked" the Clean Up Active tunnels when Peer Gateway DNS name resolved to different IP Address (Sonicwall Side)

3. Unchecked everything except for "Enable Keep Alive" on the advanced settings of the vpn setup on Sonicwall.

Please refer on the attached screenshot as reference.