Does pfsense have sip alg?
-
Our phones stopped working the other day and I'm pulling my hair out trying to go through everything one by one.
One of the things on my checklist from our pbx vendor is saying to make sure spg alg is disabled. Does pfsense have this feature and if so, where do I disable it?
-
I'm nearly certain that pfSense doesn't have SIP ALG. Someone has made a siproxd proxy package for pfSense, but it's something that would need to be knowingly installed.
-
Nope, there is no SIP ALG function in pfsense.
Most of the problems I've had with VOIP phones and pfSense have usually been solved by making sure the phones are using static ports on the outbound NAT.
Here's the relevant documentation:
https://doc.pfsense.org/index.php/VoIP_Configuration
https://doc.pfsense.org/index.php/PBX_VoIP_NAT_How-to
https://doc.pfsense.org/index.php/Siproxd_package -
The closest thing to a SIP ALG is the siproxd package, which you almost never want.
If you have local phones + a remote PBX the most common thing that causes them to get tripped up are states not living long enough to keep their external port mappings consistent. If the phones do not send or receive any traffic, eventually their states timeout and when that happens the PBX can't contact them, and if they try to make contact with the PBX again they end up on a different port.
The best fix for that is to set the firewall to Conservative mode (System > Advanced, Firewall & NAT tab), and to set the phones to re-register every 30-60s, and if they have a keep-alive option, set it similarly.
-
Thanks everyone. Appreciate the feedback.
