Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Voip no audio

    Scheduled Pinned Locked Moved General pfSense Questions
    28 Posts 4 Posters 5.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rafamello
      last edited by

      Re: Does pfsense have sip alg?

      Hello, ... I have something similar here.

      The phones connect all right, but there is no audio. If it is placed outside Pfsense it works perfectly.

      The PABX is outside the company, in the cloud, is there any?

      1 Reply Last reply Reply Quote 0
      • S
        Stewart
        last edited by

        VoIP without audio is a NAT issue. If they connect then SIP signaling is working, generally on port 5060 or 5061. If there is no audio then RTP is not working. Check to be sure that SIP ALG is turned off in your modem. That's generally the best place to start.

        1 Reply Last reply Reply Quote 0
        • R
          rafamello
          last edited by

          No modem? But I have a direct DMZ for the sense that controls everything within a forum and what enters.

          1 Reply Last reply Reply Quote 0
          • S
            Stewart
            last edited by

            Your provider would have a modem. Either a Cable or DSL modem. Or if Fiber maybe an ONU? What is the ISP equipment you are plugging into?

            1 Reply Last reply Reply Quote 0
            • chpalmerC
              chpalmer
              last edited by

              You are not double NAT'd are you? VOIP was not originally designed to be behind NAT when it first surfaced. NAT was hacked in later. Double NAT can be double trouble.

              Create a firewall rule allowing your PBX server to your clients behind your pfsense box.

              No port forward.. just the firewall rule.

              Triggering snowflakes one by one..
              Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

              R 1 Reply Last reply Reply Quote 0
              • R
                rafamello
                last edited by

                I have a modem that makes a dmz for pfsense.

                1 Reply Last reply Reply Quote 0
                • chpalmerC
                  chpalmer
                  last edited by

                  What is the WAN address of your pfsense box? Public or private?

                  Triggering snowflakes one by one..
                  Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

                  1 Reply Last reply Reply Quote 0
                  • R
                    rafamello @chpalmer
                    last edited by

                    @chpalmer said in Voip no audio:

                    You are not double NAT'd are you? VOIP was not originally designed to be behind NAT when it first surfaced. NAT was hacked in later. Double NAT can be double trouble.
                    Create a firewall rule allowing your PBX server to your clients behind your pfsense box.
                    No port forward.. just the firewall rule.

                    I have as rules both LAN and WAN for IP of IPBX that is in the Amazon.

                    I have no port forwarding as it is external.

                    Many articles say to configure outgoing NAT

                    DaddyGoD 1 Reply Last reply Reply Quote 0
                    • chpalmerC
                      chpalmer
                      last edited by

                      But you seem to be avoiding the main questions.. Are you double NAT'd?

                      Triggering snowflakes one by one..
                      Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

                      1 Reply Last reply Reply Quote 0
                      • DaddyGoD
                        DaddyGo @rafamello
                        last edited by DaddyGo

                        @rafamello

                        @Stewart Stewart says it right

                        if you have registration, ergo you have SIP initialization,
                        so if there is no sound then the RTP ports will not pass...
                        most VOIP devices have configurable RTP ports, look for something that is not a bumper and pass it through the NAT (port forward)

                        @chpalmer "Are you double NAT'd?"

                        and his question is also very important

                        +++edit:
                        as shown here:

                        bad6f27d-5ea9-41cd-8bf0-baedb81a1b9a-image.png

                        or
                        (since SIP has NAT Traversal, the RTP not)

                        https://voipstudio.com/blog/sip-nat-traversal/

                        Cats bury it so they can't see it!
                        (You know what I mean if you have a cat)

                        1 Reply Last reply Reply Quote 0
                        • S
                          Stewart
                          last edited by Stewart

                          RTP faces 2 big problems: SIP ALG and NATting. SIP ALG was created to assist in allowing SIP to traverse networks properly by rewriting the ports in the headers. I've troubleshot countless VoIP problems and I've never, not once, seen SIP ALG do anything but break SIP. At this point it's almost like it becomes a selling point for ISPs. NATting is an issue in that the packets have internal and external IPs and ports listed in the info packets. If they get NATted more than once then those get jumbled. It's a terrible mess.

                          Ultimately you must figure out these 3 things:

                          1. Is your WAN a public IP or a private IP? If it's public then you're not being double NATted. If it's private then it is.
                          2. Does the modem have any firewalling in place? Regardless of the rest of the stuff, having the firewall on can interfere.
                          3. Is the modem performing SIP ALG? If so, it must be turned off.

                          The step after that will probably be a Wireshark trace. Start capturing on the WAN, place a test call, hang up, stop the capture. Then you can view the VOIP info in Wireshark and see what's happening. Who is your SIP provider?

                          @DaddyGo Is that a Grandstream inferface I see there? That looks an awful lot like the old GXW4108s I used to use.

                          DaddyGoD R 2 Replies Last reply Reply Quote 0
                          • R
                            rafamello
                            last edited by

                            the company that "sold" the service configured ports 16000: 33000 for RTP.

                            About duplicating NAT, I didn't understand.

                            What I have is:

                            ![0_1593456131058_Screenshot_1.png](Uploading 100%)

                            1 Reply Last reply Reply Quote 0
                            • DaddyGoD
                              DaddyGo @Stewart
                              last edited by

                              @Stewart said in Voip no audio:

                              Is that a Grandstream inferface I see there? That looks an awful lot like the old GXW4108s I used to use.

                              ok you won 😉
                              in some places in our radio studio we use these "beauties" Grandstream HT801 és 802, for older analog phones, as ATA
                              this is because the Cisco STA112 cannot operate from POE power

                              their GUI is evil, but otherwise I think they have been working without problems for 6 to 7 years...

                              Cats bury it so they can't see it!
                              (You know what I mean if you have a cat)

                              S 1 Reply Last reply Reply Quote 0
                              • S
                                Stewart @DaddyGo
                                last edited by

                                @DaddyGo I ran a ton of HT502s and never had a problem. The GXWs needed to be rebooted once or twice year but otherwise worked well. The Sipura/Linksys/Cisco SPA ATA models have been less reliable and cost a bit more. Towards the end of us using them they got a new GUI but I wasn't in them much after that so I'm not sure the difference. I don't think that the newer firmware had the yellow background with the orange headers, though, so that may help with the interface.

                                DaddyGoD 1 Reply Last reply Reply Quote 0
                                • S
                                  Stewart
                                  last edited by

                                  @rafamello Can you re-upload? All I'm seeing is text showing "![0_1593456131058_Screenshot_1.png](Uploading 100%)"

                                  R 1 Reply Last reply Reply Quote 0
                                  • R
                                    rafamello @Stewart
                                    last edited by

                                    @Stewart

                                    1.Is your WAN a public IP or a private IP? If it's public then you're not being double NATted. If it's private then it is.

                                    private
                                    2.Does the modem have any firewalling in place? Regardless of the rest of the stuff, having the firewall on can interfere.

                                    It is disabled
                                    3.Is the modem performing SIP ALG? If so, it must be turned off.
                                    It is disabled

                                    chpalmerC DaddyGoD 2 Replies Last reply Reply Quote 0
                                    • DaddyGoD
                                      DaddyGo @Stewart
                                      last edited by

                                      @Stewart "he GXWs needed to be rebooted once or twice year but otherwise worked well."

                                      now a built-in feature in the GUI for configurable reboot ... juppppijuhe
                                      every two weeks on Sunday at dawn restart and work really well

                                      Cats bury it so they can't see it!
                                      (You know what I mean if you have a cat)

                                      1 Reply Last reply Reply Quote 0
                                      • chpalmerC
                                        chpalmer @rafamello
                                        last edited by

                                        @rafamello said in Voip no audio:

                                        private

                                        Would it be possible for you to bridge your modem and get your public IP address on your WAN?

                                        Triggering snowflakes one by one..
                                        Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

                                        R 1 Reply Last reply Reply Quote 0
                                        • DaddyGoD
                                          DaddyGo @rafamello
                                          last edited by

                                          @rafamello

                                          SIP makes it easier... to find his way, especially if you have STUNT in the system
                                          RTP is not and if you have dual NAT then it sucks

                                          Cats bury it so they can't see it!
                                          (You know what I mean if you have a cat)

                                          1 Reply Last reply Reply Quote 0
                                          • R
                                            rafamello @Stewart
                                            last edited by

                                            @Stewart NAT.png

                                            DaddyGoD 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.