Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfSense/Netgate/Starlink/Cisco ATA 191/Voip.ms Phone voip box intermittently loosing registration on voip.ms

    Scheduled Pinned Locked Moved General pfSense Questions
    2 Posts 2 Posters 696 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      AgingTechNerd
      last edited by AgingTechNerd

      I'm a pfsense noob but have had basic experience with consumer routers like ASUS, TPlink, Google Mesh, LinkSys, NetGear over the years.

      I replaced our Starlink router with a Netgate box running PfSense. Seems intuitive enough. I'm running pretty much the default settings aside from some Static IP device assignments.

      In Feb I ported my home phone to voip.ms and picked up a CISCO ATA 191 phone adapter box which works fine with our POTS phones.

      Issue I have is after random amounts of time the CISCO box looses registration on voip.ms. Could be a day, a week or even a month before it happens. It just shows no registration on the viop.ms status panel and the phone have no dial tone. They do get battery but just silence. Rebooting the CISCO box restores the connection fine.. until the next time.

      The voip.ms folks told me to follow the CISCO SPA 112 template (my ATA 191 is the newest functional equivalent) but to use UPD instead of TLS. They've told me to try change some ports but no change in symptoms.

      After going around in circles with support I was given this warning about potential firewall issues

      "We don't provide networking support so If you have a firewall like that you need to ensure that ports 5060, 5080 udp/tcp are open and also RTP Ports 100001-20000 udp/tcp for the audio. Also look and disable features like SIP Helper, SIP ALG and/or SPI firewall, which usually cause issues. Our service works fine in a normal internet connection, if your end has a special configuration, firewall or "something else" in the mix, then you need to make sure our service will work through it."

      Turning this advice into actual PfSense settings is beyond my current comfort level. Can someone walk me through the actual settings to check in PFSense?

      Much appreciated.

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        That is the default setting in pfSense.
        There is no SIP ALG unless you install the siproxd package, which you shouldn't.
        All ports are open outbound for any devices on the LAN.

        So unless you have added firewall rules to block traffic it should be allowed. However I would check the firewall log when it fails. I would also check Diag > States to see what states are open to/from the ATA191 IP and what changes after you reboot and it starts working again.

        The only thing that pfSense does differently to many (most?) SOHO devices is to set a random source port on outbound connections. Some services, including VoIP, object to this (VoIP and NAT are mortal enemies! 😉 ) requiring a static source port rule to be set:
        https://docs.netgate.com/pfsense/en/latest/recipes/nat-voip-phones.html#disable-source-port-rewriting

        Steve

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.