VoiP state does not get flushed after new wan ip (dynamic ip)
-
Hi there,
i remember having this problem back in pfsense 1.2.3 that once the wan-ip changed the states would have been kept and so the voice adapter would fail to connect.
I also remember there was a package which i used which monitored the wan-ip change and would flush all states which are connected to the voip-adapters lan ip.Before installing and switching to pfsense 2.0 i read this no longer happens in 2.0 but for some reason it still happens for me and everytime after i get home from work i have to flush those states manually in order for my voip adapter to be able to connect again.
I have no special voip-firewall rules or a special setup, running the latest stable 2.0. Anyone have an idea how to fix that? (except the manual fix)
-
Has this been addressed in 2.0? or have you resolved this on your own? Can you please reply with an update as I seem to have similar behavior in the newest version of pfSense 2.0.1-RELEASE (i386).
Thanks,
Tom -
I am also observing similar behavior - has anyone figured out how to reset the states after a link change - my VOIP phones will thank you!
-
Add me to the list.
After spending too many hours trying the different solutions proposed on the forum (scripts etc.) I have given up and added a separate Gateway (WRTGL/TomatoVPN) for my Asterisk server. I solution which I am not happy with. -
Have any of you tried this with 2.0.2 or 2.1-BETA ?
-
I have tried the latest 2.1 snapshots for a while with no success.
-
Does what you're seeing seem to be related to issue http://redmine.pfsense.org/issues/1629 ?
Just in case, check your setting of "System -> Advanced -> Misc -> Gateway monitoring" which determines whether pfsense will flush states when a gateway goes down.
When having a problem, you can try to kill states manually from CLI using pfctl -b gwip/32 (gwip can be found from pfsense's Dashboard -> Gateways) which should produce an output like "kill x states from 1 gateway".
The state flushing is performed by filter_delete_states_for_down_gateways() (line 153 in /etc/inc/filter.inc)
-
Is this with a DHCP WAN or a PPPoE WAN?
-
DHCP WAN
-
I made some changes to the state killing code this morning on 2.1, try a snapshot from later today and see if it helps.
-
…and made even more changes last night, it should be in much better shape now.
Previously if I unplugged my cable WAN it would switch its IPs around due to the way the modem worked, and the old states would hang around. After quite a bit of fiddling I managed to get it to clear the states when it fails to the modem's useless private IP and when it recovers to the real public IP.
The latest snapshot should hopefully perform much better, even with PPPoE WAN types.
