Problem on VOIP on Site to Site VPN between Pfsense and Sonicwall



  • Hi Good day!

    I would like to seek for your help since my e first site who uses Pfsense Firewall and the second site who uses sonicwall firewall are having some issue on the VOIP connection. It always been intermittent and continuous ping are having RTO (Request Timed Out) on random times. But as per checking, other devices like CCTV, Servers, Workstations (Computers) and Laptops doesn't have any problem. Both sites are using leased lines connections and the loads of internet are always monitored and it did not reach the peak bandwidth.

    Hoping for your help to fix this issue.

    We are using the following config below

    Mode: Aggressive
    Key Exchange Version: IKEV1
    Encryption Algorythim: 3DES
    Hash: SHA1
    DH Group: 2
    Lifetime: 86400

    Keep Alive on Sonicwall: Disabled
    Dead Peer Detection on Pfsense: Enabled

    Thank you very much



  • Maybe this one : https://redmine.pfsense.org/issues/7801

    SIP is one of the known creator of fragmented UDP packets.



  • I read the link that you have provided? What is pf? Where to disable it and for the SIP, what I can do with it?

    Thanks



  • You don't want to disable pf because it is the "firewall" used by pfSense. The best choice might be to wait for 2.4.4 and hope it is fixed there.



  • Hi Hoe,

    Please be inform that my issues has been resolved now. I have do the following methods.

    1. Change the Firewall Optimization Options to "Conservative" on System > Advanced > Firewall & NAT (PFsense Side)

    2. "Unchecked" the Clean Up Active tunnels when Peer Gateway DNS name resolved to different IP Address (Sonicwall Side)

    3. Unchecked everything except for "Enable Keep Alive" on the advanced settings of the vpn setup on Sonicwall.

    Please refer on the attached screenshot as reference.







Log in to reply