Voip and pfsense - I can't get it working

  • A search for VOIP audio issues with pfsense on the web return multiple hits but I have tried almost everything I read and I just can't get this to work.

    I have an HT502 ATA behind pfsense and I am using voip.ms as provider.  Registration is find and outgoing call are working fine.  On an incoming call, there is no incoming audio but the caller can hear me just fine.

    I have forwarded SIP(5060) and RTP port(10001-2000 remote, 5004-5005 local)  e,g, :

    Firewall: NAT: Port Forward
    WAN UDP voip_server1 sip WAN address sip voip_ip sip
    WAN UDP voip_server1 * WAN address 5004 - 5005 voip_ip 5004 - 5005

    I am using AOT and I have switched over to static port for packets originating from my ATA , something like this :
    WAN  voip_ip * voip_server1 * WAN address * YES

    I have not tried sipproxyd as it seem to be only related to having multiple devices.

    I do not know what to try next as I have tried every possible configurations I can think of.  It seem people had had more luck using IAX but that would mean I have to buy an ATA that support it.

    Anything else I should try ( I also set the firewall optimization to conservative)


  • Most of the time when I have 1 way voice issue it is due to the rtp setup.

    I would make sure the grandstream and the provider are set to be the same range, I usually use 10000-20000.  Forward the fw ports as needed.  Also make sure the firmware on the ata is the latest.

    If you are still having issues you should post all the relevant configs (sanitized) so people can get a clearer idea what is going on.

  • I just tried that, switched to a port within the 10001-20000 rebooted the HT502, made sure that range was forwarded ( it was already setup like this) and it I am still having the same problem.

    I will post my config within the next few days and maybe someone can enlighten me.


  • With VOIP, it usually helps to have ports 5060 and 5061 as well as your RTP ports you think might get used to be set in manual outbound NAT with the static port setting checked.

    Also, if your server has an alternate port list, its good to use alternate ports and to set those as static port also.

    The reason is that because even when they say they don't, ISPs that offer voip often screw with any VOIP provider other than their own.

    I can't prove it, but to me it seems they purposely degrade competitors service so they can offer theirs.

  • I made sure every single port from my ATA to the voip provider were set to static and all incoming packets from the voip provider were forwarded to my ATA and I could still not get it to work.

    To make it easier to debug by capturing all packets using wireshark, I switched the ATA on its own vlan and added a new interface into pfsense to handle this and it is now working!!!

    I did not change any rules, I just changed the alias for the ATA ip as its now on a different subnet.  I can't explain why it now works.


  • Quick - backup your config!!!!


Log in to reply