Asterisk PBX behind pfsense, state problems
-
Hello,
I configured asterisk to update external host by addingnat=yes
externhost=mydomain.selfip.net
externrefresh=120
localnet=10.10.10.0/255.255.255.0to sip_nat.conf
however, pfsense creates a state
tcp 192.168.9.6:20545 -> 66.66.163.170:56902 -> 70.34.32.138:3389 ESTABLISHED:ESTABLISHED
^MY PBX BOX^ ^my external ip^ ^VOIP Provider^(((When external ip changes, this state is not updating)))
I am using ppoe dsl, and I can not get a static ip with my provider.
For some reason whenever my ip changes, pfsense never updates/restarts the state,
and my voip registry drops, and is unable to reconnect, until I manually remove/delete the state
from Diagnostics: Show States pfsense page.someone else already had this problem
http://forum.pfsense.org/index.php?topic=6531.msg58027
but it was never solved.I also tried 1.2.3-PRERELEASE-TESTING-VERSION
But the problem persists.Any advice?
Thank you! -
Create a rule for this connection on your LAN interface and under advanced options change the state timeout to be less than your registration timeout. Make sure that rule is above your default allow rule. Should be all you need to do.
–Bill
-
Thank you Bill. Will try and report back.
-
pfsense just wont timeout that state, I tried everything:
udp 10.10.10.80:5060 -> 67.46.139.74:5060 -> 208.68.18.229:5060 MULTIPLE:MULTIPLE
PBX BOX MY PPOE IP VOIP Providerrules I tried:
All rules
State Timeout in seconds 300
State Type Keep state(ON WAN)
Proto Source Port Destination Port Gateway Schedule DescriptionTCP/UDP 10.10.10.80 * * * *
TCP/UDP * * 208.68.18.229 * *
TCP/UDP * * 10.10.10.80 * *(ON LAN )
TCP/UDP * * 10.10.10.80 * *
TCP/UDP 208.68.18.229 * * * *
TCP/UDP 10.10.10.80 * * * *
TCP/UDP * * 208.68.18.229 * *but the state just wont timeout,
all rules are located at the top pf the list. -
any advice, tried everything
-
try to activate dnsmgr.conf:
[general] enable=yes ; enable creation of managed DNS lookups ; default is 'no' refreshinterval=120 ; refresh managed DNS lookups every <n> seconds ; default is 300 (5 minutes)</n>
-
using FreePBX,
dnsmgr.conf was not in /etc/asterik
So I created it, rebooted,
same problem. -
pfsense just wont timeout that state, I tried everything:
udp 10.10.10.80:5060 -> 67.46.139.74:5060 -> 208.68.18.229:5060 MULTIPLE:MULTIPLE
PBX BOX MY PPOE IP VOIP Providerrules I tried:
All rules
State Timeout in seconds 300
State Type Keep stateWhat's the registration interval? If it's 300, you need to have state timeout no greater than 290 (10 second state flush timer). However, default state timeout for UDP is 30 seconds. I know my provider requires 30 second re-registrations, so in your case, I'd have to change the state timeout on this to 20 seconds at most (knowing that it's only a couple of packets, I'd be tempted to just make it 10 seconds).
–Bill
-
I am having a similar issue but with a static IP. I have a multiwan setup with one static cable and one pppoe DSL. I have the voip traffic all pushing through the static connection. There are 2 different voip providers I am using. One has no issues and the other always loses registration overtime and I have to clear the state manually to fix this. The state always says multiple:multiple and has 2 entries for in/out paths. I am trying the state timeout to see if it will help me in this scenario.
Funny thing is when I push the traffic from that provider out through the pppoe link everything works well but I have no traffic shaper as that has been configured on the static line and there is no multiwan traffic shaper yet. I need the shaper because calls tend to get choppy when it gets busy otherwise.