grandstream pbx connection to gamma sip trunk issues
-
We are attempting to replace an ipfire system with pfsense, The existing system has a grandstream pbx connecting to a gamma trung without any issues. when we replace the ipfire with pfsense the then we can't get the sip trunk to work properly - the first indication is that incoming calls only have one way audio - that is fairly common and the standard answer is to follow the documentation here https://docs.netgate.com/pfsense/en/latest/nat/configuring-nat-for-a-voip-pbx.html
but that doesnt make any difference - after doing a compare of packets on the lan and natted packets on the wan interfaces for both systems we found that the ip packet was being natted on both systems but that the sip headers were being changed in the ipfire but not in the pfsense.So for both systems we are being presented with this on the LAN interface:
Internet Protocol Version 4, Src: 10.46.1.10, Dst: 88.215.55.107
User Datagram Protocol, Src Port: 5060, Dst Port: 5060
Source Port: 5060
Destination Port: 5060
Length: 1148
Checksum: 0x3559 [unverified]
[Checksum Status: Unverified]
[Stream index: 7]
[Timestamps]
Session Initiation Protocol (INVITE)
Request-Line: INVITE sip:111111610077@88.215.55.107 SIP/2.0
Method: INVITE
Request-URI: sip:111111610077@88.215.55.107
[Resent Packet: False]
Message Header
Via: SIP/2.0/UDP 10.46.1.10:5060;rport;branch=z9hG4bKPje7d0a0b9-132f-4c41-b1b4-aa0626734811
Transport: UDP
Sent-by Address: 10.46.1.10
Sent-by port: 5060
RPort: rport
Branch: z9hG4bKPje7d0a0b9-132f-4c41-b1b4-aa0626734811
From: "01614528000" sip:01614528000@111.192.9.102;tag=729edee0-9dad-4700-abba-3a43aafe4fcd
SIP Display info: "01614528000"
SIP from address: sip:01614528000@111.192.9.102
SIP from address User Part: 01614528000
SIP from address Host Part: 111.192.9.102
SIP from tag: 729edee0-9dad-4700-abba-3a43aafe4fcd
To: sip:111111610077@88.215.55.107
SIP to address: sip:111111610077@88.215.55.107
SIP to address User Part: 111111610077
SIP to address Host Part: 88.215.55.107
Contact: sip:f339e7a7-bb91-4d14-86d7-a9e52e14e642@10.46.1.10:5060
Contact URI: sip:f339e7a7-bb91-4d14-86d7-a9e52e14e642@10.46.1.10:5060
Call-ID: b8a26b32-b5fc-455b-9d45-fe6e67ed4130
[Generated Call-ID: b8a26b32-b5fc-455b-9d45-fe6e67ed4130]
CSeq: 3546 INVITE
Allow: OPTIONS, INFO, SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE, CANCEL, UPDATE, PRACK, MESSAGE, REGISTER, REFER
Supported: 100rel, timer, replaces, norefersub
Session-Expires: 1800
Min-SE: 90
X-UCM-AudioRecord: *3
X-Grandstream-Transport: trunk
Max-Forwards: 70
User-Agent: Grandstream UCM6510V1.4B 1.0.13.14
Content-Type: application/sdp
User Datagram Protocol, Src Port: 5060, Dst Port: 5060
Source Port: 5060
Destination Port: 5060
Length: 1159
Checksum: 0x5bad [unverified]
[Checksum Status: Unverified]
[Stream index: 8]
[Timestamps]
Session Initiation Protocol (INVITE)
Request-Line: INVITE sip:111111610077@88.215.55.107 SIP/2.0
Method: INVITE
Request-URI: sip:111111610077@88.215.55.107
[Resent Packet: False]
Message Header
Via: SIP/2.0/UDP 1cd ..111.192.9.102:5060;rport;branch=z9hG4bKPj035fb2b4-28dc-4fc2-ad7c-74c5e6cd3ab1
Transport: UDP
Sent-by Address: 111.192.9.102
Sent-by port: 5060
RPort: rport
Branch: z9hG4bKPj035fb2b4-28dc-4fc2-ad7c-74c5e6cd3ab1
From: "01614528000" sip:01614528000@111.192.9.102;tag=1eb2fdcb-757b-47d1-a549-843ebbbfd6e4
SIP Display info: "01614528000"
SIP from address: sip:01614528000@111.192.9.102
SIP from address User Part: 01614528000
SIP from address Host Part: 111.192.9.102
SIP from tag: 1eb2fdcb-757b-47d1-a549-843ebbbfd6e4
To: sip:111111610077@88.215.55.107
SIP to address: sip:111111610077@88.215.55.107
SIP to address User Part: 111111610077
SIP to address Host Part: 88.215.55.107
Contact: sip:bf532a64-7f58-4571-aae8-6327078d1b85@111.192.9.102:5060
Contact URI: sip:bf532a64-7f58-4571-aae8-6327078d1b85@111.192.9.102:5060
Call-ID: 145a3d93-e9e8-4b62-a7c9-e36f58c8b66b
[Generated Call-ID: 145a3d93-e9e8-4b62-a7c9-e36f58c8b66b]
CSeq: 30189 INVITE
Allow: OPTIONS, INFO, SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE, CANCEL, UPDATE, PRACK, MESSAGE, REGISTER, REFER
Supported: 100rel, timer, replaces, norefersub
Session-Expires: 1800
Min-SE: 90
X-UCM-AudioRecord: *3
X-Grandstream-Transport: trunk
Max-Forwards: 70
User-Agent: Grandstream UCM6510V1.4B 1.0.13.14
Content-Type: application/sdp
Content-Length: 362
Message Body
Session Description Protocol
Session Description Protocol Version (v): 0
Owner/Creator, Session Id (o): - 940375837 940375837 IN IP4 111.192.9.102
Session Name (s): Asterisk
Connection Information (c): IN IP4 111.192.9.102The wan interface for the request on the ipfire looks like this
This works
User Datagram Protocol, Src Port: 5060, Dst Port: 5060
Source Port: 5060
Destination Port: 5060
Length: 1159
Checksum: 0x5bad [unverified]
[Checksum Status: Unverified]
[Stream index: 8]
[Timestamps]
Session Initiation Protocol (INVITE)
Request-Line: INVITE sip:111111610077@88.215.55.107 SIP/2.0
Method: INVITE
Request-URI: sip:111111610077@88.215.55.107
[Resent Packet: False]
Message Header
Via: SIP/2.0/UDP 1cd ..111.192.9.102:5060;rport;branch=z9hG4bKPj035fb2b4-28dc-4fc2-ad7c-74c5e6cd3ab1
Transport: UDP
Sent-by Address: 111.192.9.102
Sent-by port: 5060
RPort: rport
Branch: z9hG4bKPj035fb2b4-28dc-4fc2-ad7c-74c5e6cd3ab1
From: "01614528000" sip:01614528000@111.192.9.102;tag=1eb2fdcb-757b-47d1-a549-843ebbbfd6e4
SIP Display info: "01614528000"
SIP from address: sip:01614528000@111.192.9.102
SIP from address User Part: 01614528000
SIP from address Host Part: 111.192.9.102
SIP from tag: 1eb2fdcb-757b-47d1-a549-843ebbbfd6e4
To: sip:111111610077@88.215.55.107
SIP to address: sip:111111610077@88.215.55.107
SIP to address User Part: 111111610077
SIP to address Host Part: 88.215.55.107
Contact: sip:bf532a64-7f58-4571-aae8-6327078d1b85@111.192.9.102:5060
Contact URI: sip:bf532a64-7f58-4571-aae8-6327078d1b85@111.192.9.102:5060
Call-ID: 145a3d93-e9e8-4b62-a7c9-e36f58c8b66b
[Generated Call-ID: 145a3d93-e9e8-4b62-a7c9-e36f58c8b66b]
CSeq: 30189 INVITE
Allow: OPTIONS, INFO, SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE, CANCEL, UPDATE, PRACK, MESSAGE, REGISTER, REFER
Supported: 100rel, timer, replaces, norefersub
Session-Expires: 1800
Min-SE: 90
X-UCM-AudioRecord: *3
X-Grandstream-Transport: trunk
Max-Forwards: 70
User-Agent: Grandstream UCM6510V1.4B 1.0.13.14
Content-Type: application/sdp
Content-Length: 362
Message Body
Session Description Protocol
Session Description Protocol Version (v): 0
Owner/Creator, Session Id (o): - 940375837 940375837 IN IP4 111.192.9.102
Session Name (s): Asterisk
Connection Information (c): IN IP4 111.192.9.102but on the pfsense we see the following
User Datagram Protocol, Src Port: 5060, Dst Port: 5060
Source Port: 5060
Destination Port: 5060
Length: 1149
Checksum: 0x2e99 [unverified]
[Checksum Status: Unverified]
[Stream index: 1]
[Timestamps]
Session Initiation Protocol (INVITE)
Request-Line: INVITE sip:111111610077@88.215.55.107 SIP/2.0
Method: INVITE
Request-URI: sip:111111610077@88.215.55.107
[Resent Packet: False]
Message Header
Via: SIP/2.0/UDP 10.46.1.10:5060;rport;branch=z9hG4bKPjfdc76498-d373-4acf-8e96-1f1087ab655a
Transport: UDP
Sent-by Address: 10.46.1.10
Sent-by port: 5060
RPort: rport
Branch: z9hG4bKPjfdc76498-d373-4acf-8e96-1f1087ab655a
From: "01614528000" sip:01614528000@111.192.9.102;tag=d67ca97c-7e0c-48cd-bb1f-e59cf2bb4820
SIP Display info: "01614528000"
SIP from address: sip:01614528000@111.192.9.102
SIP from tag: d67ca97c-7e0c-48cd-bb1f-e59cf2bb4820
To: sip:111111610077@88.215.55.107
SIP to address: sip:111111610077@88.215.55.107
Contact: sip:5babcd42-9d1a-421e-98ee-f04f5978ffbd@10.46.1.10:5060
Contact URI: sip:5babcd42-9d1a-421e-98ee-f04f5978ffbd@10.46.1.10:5060
Call-ID: 4635f80b-7e63-42a7-aabe-89bce54c3937
[Generated Call-ID: 4635f80b-7e63-42a7-aabe-89bce54c3937]
CSeq: 16454 INVITE
Allow: OPTIONS, INFO, SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE, CANCEL, UPDATE, PRACK, MESSAGE, REGISTER, REFER
Supported: 100rel, timer, replaces, norefersub
Session-Expires: 1800
Min-SE: 90
X-UCM-AudioRecord: *3
X-Grandstream-Transport: trunk
Max-Forwards: 70
User-Agent: Grandstream UCM6510V1.4B 1.0.13.14
Content-Type: application/sdp
Content-Length: 358
Message Body
Session Description Protocol
Session Description Protocol Version (v): 0
Owner/Creator, Session Id (o): - 1274414544 1274414544 IN IP4 10.46.1.10
Session Name (s): Asterisk
Connection Information (c): IN IP4 10.46.1.10
Time Description, active time (t): 0 0
Media Description, name and address (m): audio 19716 RTSo the addresses in red above have not been natted whereas on the ipfire they are - how do i configure pfsense to achieve this ? what am i missing !