Asterisk on LAN and no traffic to qVOIPDown on incoming calls



  • pfSense 1.2

    Outgoing calls appear to be routed to both qVOIPDown and qVOIPUp
    Incoming calls only route to qVOIPDown, sending the rest to qwandef

    Our matchings rules look something like this, where "voipphones" is a list of all our phones and asterisk server.

    WAN->LAN  * *           voipphones qVOIPDown/qVOIPUp VOIP Adapter

    LAN->WAN  * voipphones *           qVOIPUp/qVOIPDown VOIP Adapter

    We are using SIP phones, but the server runs IAX and connects to IAX providers.  Your help is really appreciated, we've been running our system like this for a while, but when we have conference calls, call quality issues appear.

    Thanks!!



  • Is the server offsite or on your LAN?
    Is it possible that voice traffic is going through an IPSEC or OpenVPN tunnel by any chance?

    Don't disregard the fact that choppy calls on conference calls is often a server timing problem and not network-related, though you have to look at both options. Do you have a timing device in your server?



  • @stechnique:

    Is the server offsite or on your LAN?
    Is it possible that voice traffic is going through an IPSEC or OpenVPN tunnel by any chance?

    Don't disregard the fact that choppy calls on conference calls is often a server timing problem and not network-related, though you have to look at both options. Do you have a timing device in your server?

    The asterisk server and phones are on the LAN and are not being tunneled through IPSEC.  I do not have a timing device, not sure what that is used for.

    The reason Im raising the flag is because I can see the traffic is not being passed through the appropriate queue in one direction.



  • So instead of using your alias for matching traffic, try using ports:
    WAN->LAN UDP * *:5060 qVOIPDown/qVOIPUp
    WAN->LAN UDP * *:10000-20000 qVOIPDown/qVOIPUp
    LAN->WAN UDP *:5060 * qVOIPUp/qVOIPDown
    LAN->WAN UDP *:10000-20000 * qVOIPUp/qVOIPDown

    This should match SIP and RTP traffic using default ports on asterisk.



  • @stechnique:

    So instead of using your alias for matching traffic, try using ports:
    WAN->LAN UDP * *:5060 qVOIPDown/qVOIPUp
    WAN->LAN UDP * *:10000-20000 qVOIPDown/qVOIPUp
    LAN->WAN UDP *:5060 * qVOIPUp/qVOIPDown
    LAN->WAN UDP *:10000-20000 * qVOIPUp/qVOIPDown

    This should match SIP and RTP traffic using default ports on asterisk.

    I have tried this approach, however, we are using IAX and the phones use SIP.  So SIP -> internal asterisk -> IAX -> provider is how I think it works.

    So to re-iterate, we have tried using ports instead of aliases.  We used UDP 4569 incoming and outgoing which still does not seem to match qVOIPDown.

    Any more ideas on how to best troubleshoot?



  • @datafirm

    So from what I understand your PBX is on the WAN side of the pfsense, no IPsec. I would suggest not filtering on ports but on PBX IP. Try changing the rules like this:

    WAN->LAN  *  <ip of="" pbx="">*                  qVOIPDown/qVOIPUp    VOIP Adapter

    LAN->WAN  *  *                  <ip of="" pbx="">qVOIPUp/qVOIPDown    VOIP Adapter

    Regards,
    Bert</ip></ip>



  • @bertw:

    @datafirm

    So from what I understand your PBX is on the WAN side of the pfsense, no IPsec. I would suggest not filtering on ports but on PBX IP. Try changing the rules like this:

    WAN->LAN  *   <ip of="" pbx="">*                   qVOIPDown/qVOIPUp    VOIP Adapter         
       
    LAN->WAN  *   *                  <ip of="" pbx="">qVOIPUp/qVOIPDown    VOIP Adapter

    Regards,
    Bert</ip></ip>

    Thanks for the suggestion, but that is what I am currently doing.  We are filtering all the VoIP phones and the asterisk box, all of which are on the LAN side connected through pfSense.

    We still do not get much if any traffic through qVOIPDown.


Locked