Netgate Discussion Forum

    RTP packets being dropped in one direction. (Not traversing the IPSEC tunnel)

      SpeederA

      Hi everyone!

      I have two 1.2.3 pfSense boxes with an IPSEC tunnel between them.
      The current firewall rules allow for all packet types/ports between both subnets.

      Device on the remote side is an Aastra 6757i, local side is a standalone Asterisk box.

      SIP traffic traverses just fine in both directions.
      RTP traffic from local to remote works no problem.
      RTP traffic from remote to local gets dropped.

      Packet capture on the LAN interface of the remote side shows the RTP traffic being sent to the local side.
      Packet capture on the VOIP interface (optional interface that the asterisk box is on) on the local side shows none of the RTP packets.

      End result is one way audio (the remote side hearing the local but the local not hearing the remote).

      Any ideas?

        jimp Rebel Alliance Developer Netgate

        If you connect with ssh, you can do a tcpdump on enc0, which is the IPsec interface, so you can see what traffic is or isn't hitting the tunnel.

        Last time I saw something like this, the SIP/RTP traffic had a via header of the pbx side's public IP so it came out the tunnel on one side and tried to go out WAN on the return trip because that's what the SIP headers told it to do… :-)

        If you take the packet capture on the phone side as it leaves LAN, load it up in Wireshark, and inspect the SIP headers, you may find something similar.

          jonnytabpni

          Sorry to reply to this so late, but jimp is correct. If this is an Asterisk box, you have to set
          localnet = 192.168.0.0/255.255.255.0

          in sip.conf

          (Substitute the subnet above for your own local subnet)

          hope that helps

            SpeederA

            via is correctly set in the packets.
            localnet was already set in the FreePBX interface….

            =o\

            The packets are literally disappearing into the ether...

              SpeederA

              @jimp:

              If you connect with ssh, you can do a tcpdump on enc0, which is the IPsec interface, so you can see what traffic is or isn't hitting the tunnel.

              tcpdump on enc0 is not showing the rtp packets at all on either side (capturing on the incoming/outgoing interface does show them as well as the ones that make it from local->remote)

              No clue why it is not capturing the rtp packets that I know are getting through. (SIP packets are being captured fine).

              Am just doing a tcpdump -ienc0 -wtcpdump.cap
              ….. =o\
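
Added example, not written by any poster in this thread: a Python check for the situation jimp describes and the `localnet` setting is meant to prevent. It lists the addresses a SIP message advertises (Via, Contact, and the SDP `c=` line, which together with `m=audio` names where the peer sends RTP) and flags any that fall outside the tunnel's networks. The sample INVITE, the 192.168.20.0/24 remote subnet, the 203.0.113.10 public address and all function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed SIP INVITE (not captured from this thread). 203.0.113.10 stands
# in for a PBX public address that leaked into the SDP body.
SAMPLE_INVITE = (
    "INVITE sip:201@192.168.20.50 SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 192.168.0.10:5060;branch=z9hG4bK1a2b\r\n"
    "Contact: <sip:100@192.168.0.10:5060>\r\n"
    "Content-Type: application/sdp\r\n"
    "\r\n"
    "v=0\r\n"
    "o=root 1 1 IN IP4 203.0.113.10\r\n"
    "c=IN IP4 203.0.113.10\r\n"
    "m=audio 14002 RTP/AVP 0 8 101\r\n"
)

# Assumed networks covered by the IPsec tunnel (local and remote LAN).
TUNNEL_NETS = ["192.168.0.0/24", "192.168.20.0/24"]

PATTERNS = {
    "Via": re.compile(r"^Via:\s*SIP/2\.0/\w+\s+([\d.]+)", re.I | re.M),
    "Contact": re.compile(r"^Contact:.*?sip:(?:[^@>\s]+@)?([\d.]+)", re.I | re.M),
    "SDP c=": re.compile(r"^c=IN IP4 ([\d.]+)", re.M),
}

def advertised_addresses(message):
    """Return [(field, ip)] for each address the message tells the peer to use."""
    return [(field, ip) for field, pat in PATTERNS.items()
            for ip in pat.findall(message)]

def outside_tunnel(message, tunnel_nets=TUNNEL_NETS):
    """Return the (field, ip) pairs that none of the tunnel networks contain."""
    nets = [ipaddress.ip_network(n) for n in tunnel_nets]
    return [(field, ip) for field, ip in advertised_addresses(message)
            if not any(ipaddress.ip_address(ip) in net for net in nets)]

def rtp_target(message):
    """Return (ip, port) from the SDP c= and m=audio lines, or None if absent."""
    c = PATTERNS["SDP c="].search(message)
    m = re.search(r"^m=audio (\d+) ", message, re.M)
    return (c.group(1), int(m.group(1))) if c and m else None

if __name__ == "__main__":
    for field, ip in outside_tunnel(SAMPLE_INVITE):
        print(f"{field}: {ip} is outside the tunnel networks")
    print("Peer will send RTP to", rtp_target(SAMPLE_INVITE))
```

In the constructed message the Via and Contact headers look correct while the SDP body still points the media at an address outside the tunnel, so checking only the Via header would miss it.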

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.