Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfSense and Asterisk and SIP trunks not working

    General pfSense Questions
    2
    2
    704
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      FarmerB3d
      last edited by

      No, not "that ol' question" type of post. I'm posting for posterity's sake and hopefully so someone else does not have the same problem.

      I've had pfSense running for just over a month now (geek-home use) and been very happy with it and the rather interesting learning curve.
      I got my Asterisk (on LAN) setup and working quite easily and outbound trunks functioned without anything special or any hassle.

      All of a sudden I noticed the trunks no longer connected. As I only make use of the trunks a few times a month I don't know when they actually broke.
      I've spent about 3 days (evenings, weekends etc) trying to work it out.
      Tried siproxd - nudda
      Tried sniffing the traffic, did not help (see requests going, nothing returned)
      Spoke to hosting company - they said nothing has changed
      Basically just poking it hoping I would find the problem. Networking being a side-show for me, this is all I can do.

      I stumbled across a post where a guy had a HP switch which was swallowing packets. It turned out, he found some 40 hours later, that the switch decided the when a packet had a source and destination port that matched it must be a DoS attack and dropped them.
      Ta-Daaaa when the lights in my head; I had installed Snort a few weeks back.
      Off I go and sure enough, snort has decided these are all very very bad packets and swallowing them hence the inability of my Asterisk box to register the trunks.
      Turn off snort and voila, all trunks spring to life.  No to configure snort properly…

      Would it not be a good idea to make Snort's logs (dropped, error etc) push into the system log? It seems better to have a single source of what is dropped etc. Just a suggestion.

      Posting this in the hopes that it helps someone else... Please move if there is a more adequate place.

      FarmerB

      1 Reply Last reply Reply Quote 0
      • K
        kejianshi
        last edited by

        Yes - Snort will often just protect you to death…

        I often recommend it to people I really dislike.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.