SIP problems

madas

Hello all,

I am having problems with my SIP connections through pfSense 2.0.  I have connections from two devices (a Sipura and an asterisk box) on the LAN going out to 4 different locations on the internet.

All of them work fine (in and out), then after a day or two my asterisk box complains that it cannot connect to any of the destinations.  If I reboot the asterisk box the problem remains.  I have to go to the states window and clear out all of the connections on 5060, then magically everything works again for a few days.

I attach a screenshot showing my states.

Black = External IP Destination
Red = My external IP
10.2.1.20 = Asterisk
10.2.1.199 = Sipura device

Any ideas what I can do to stop this happening? I tried siproxd and that only seemed to make matters worse.

dhatz

If it happens on WAN IP change, new versions 2.0.2 or 2.1-BETA deal better with it.

madas

Thanks.  Maybe i'll give Beta 2.1 a try.  In this case my ip hasn't changed in months so I know that isn't the problem this time.

dhatz

Are you using manual NAT (AON) with static-port for port 5060 ?

madas

No, I am using automatic outbound NAT

I used to use static ports but that also seemed to cause a lot of problems

dhatz

Hmm … in that case further debugging is needed.

To recap, both IPs (your WAN IP and presumably your VoIP provider SIP server's IP) remain unchanged, yet your asterisk pbx has trouble connecting every 1-2 days.

You'll need to compare the states (pfctl -ss|fgrep x.y.z.w where x.y.z.w is your asterisk's ip) when it works and when it doesn't.

You might also want to upgrade to pfsense 2.0.2 (or 2.1)

joako

Create static port just for NAT from LAN to Asterisk IP and make sure it's at the top.

In the case the connection gets stuck and requires a reset to the states, I never found a good solution. All I know is now whenever I leave some SSH session open in my office overnight, it's dropped in the morning :(

madas

I just upgraded to 2.1 Beta…i'll give it a day or two and see what happens.  If it occurs again i'll try the static nat for the asterisk server

madas

Just to report back.  After upgrading to the 2.1 Beta this problem (and a bunch of others) have gone away.

numer

Strange, I'm seeing exact this problem with 2.1 Beta

c.radi

Hi,

I have the same Problem with 2.1
Is there a solution.

Regards
Christian

kejianshi

Maybe if your WAN IP changes as often as the mood of a fickle GF, you should create a script to reboot the pfsense box every time the WAN IP changes.

bullet92

Hi, i have pfsense 2.0.3 and i have the same issue:
after 1 or 2 days SIP connection won't go and i must do a reset states to permit sip to connect as well.
I have a manual nat (i've tried also a autoamtic nat, but same issue) with this configuration :

Interface Source Source Port Destination Destination Port NAT Address NAT Port Static Port Description
WAN  172.16.30.0/24 * * 500 * * YES Auto created rule for ISAKMP - DMZ to WAN 
WAN  172.16.30.0/24 * * * * * NO Auto created rule for DMZ to WAN 
WAN  127.0.0.0/8 * * * * 1024:65535 NO Auto created rule for localhost to WAN 
WAN  192.168.132.0/24 * * 500 * * YES Auto created rule for ISAKMP - LAN to WAN 
WAN  192.168.132.0/24 * * * * * NO Auto created rule for LAN to WAN

My WAN IP's cannot change because i'm using a line with a fixed IP.

Waiting for your reply, Regards.