Issue with Yealink IP Phones over OpenVPN after upgrading to 2.7.0
-
Hi all,
I have a weird issue with Yealink Phones connected to a 3CX over a site-to-site OpenVPN connection. The setup worked fine for three years, but after upgrading to pfsense 2.7.0, I suddenly faced problems of the IP-Phones not reliably reconnecting to the 3CX server. So the usual situation is, that I notice that some IP-Phones do not ring, then I go into the management console of the 3CX and see that the phones are listed as offline. I then go to the configuration interface of the pfsense on the IP-Phone side, and reset the firewall states. This is all it takes for the phones to immediately reconnect.
I have absolutely no clue on what changed to 2.7.0 to trigger this, so I am happy for any pointers on how to debug this issue.
These are the states for one IP-Phone(10.45.104.60) while it is "not working". The 3CX server is at 10.9.118.5:
LAN udp 10.45.104.60:45786 -> 176.9.157.155:123 SINGLE:MULTIPLE 1 / 1 76 B / 76 B WAN udp 87.139.54.126:10195 (10.45.104.60:45786) -> 176.9.157.155:123 MULTIPLE:SINGLE 1 / 1 76 B / 76 B WAN udp 87.139.54.126:60179 (10.45.104.60:5060) -> 10.9.118.5:5060 SINGLE:NO_TRAFFIC 23.448K / 0 15.84 MiB / 0 B LAN udp 10.45.104.60:5060 -> 10.9.118.5:5060 MULTIPLE:MULTIPLE 36.616K / 9.383K 22.27 MiB / 4.72 MiBAfter resetting the states, this is what the state table for the phone looks like:
LAN udp 10.45.104.60:45786 -> 176.9.157.155:123 SINGLE:MULTIPLE 1 / 1 76 B / 76 B WAN udp 87.139.54.126:10195 (10.45.104.60:45786) -> 176.9.157.155:123 MULTIPLE:SINGLE 1 / 1 76 B / 76 B ovpnc2 udp 10.45.104.60:5060 -> 10.9.118.5:5060 MULTIPLE:MULTIPLE 31 / 30 18 KiB / 14 KiB LAN udp 10.45.104.60:5060 -> 10.9.118.5:5060 MULTIPLE:MULTIPLE 36.655K / 9.413K 22.30 MiB / 4.73 MiBCheers
Richard