Whitelisting SIP trunk services provider for FreePBX box behind LAN?
-
I have a FreePBX setup that used to be behind an ASUS RT-66 router, all was well. My PBX as well as all the phones are on the same LAN. My PBX connects to VoicePulse, my SIP trunk provider.
I have since moved it to a pfsense router, what a great little box! However, I am having issues with SIP registration with my SIP trunk provider. What makes this difficult to troubleshoot is that SIP registration works, but 6-8 hours later I'll receive errors like this.
[2016-02-09 18:44:20] VERBOSE[2388] chan_sip.c: – Got SIP response 503 "Not registered" back from 54.175.63.250:5060
[2016-02-09 18:44:40] NOTICE[2388] chan_sip.c: – Registration for 'xxx@xxx.dca.proxy.voicepulse.com' timed out, trying again (Attempt #2)
[2016-02-09 18:44:40] VERBOSE[2388] chan_sip.c: – Got SIP response 503 "Not registered" back from 54.175.63.250:5060
[2016-02-09 18:45:00] NOTICE[2388] chan_sip.c: – Registration for 'xxx@xxx.dca.proxy.voicepulse.com' timed out, trying again (Attempt #3)
[2016-02-09 18:45:00] VERBOSE[2388] chan_sip.c: – Got SIP response 503 "Not registered" back from 54.175.63.250:5060
[2016-02-09 18:45:20] NOTICE[2388] chan_sip.c: – Registration for 'xxx@xxx.dca.proxy.voicepulse.com' timed out, trying again (Attempt #5)
[2016-02-09 18:47:06] VERBOSE[2388] chan_sip.c: – Got SIP response 503 "Not registered" back from 54.175.63.250:5060
[2016-02-09 18:47:25] NOTICE[2388] chan_sip.c: – Registration for 'xxx@xxx.dca.proxy.voicepulse.com' timed out, trying again (Attempt #2)
[2016-02-09 18:47:25] VERBOSE[2388] chan_sip.c: – Got SIP response 503 "Not registered" back from 54.175.63.250:5060
[2016-02-09 18:47:45] NOTICE[2388] chan_sip.c: – Registration for 'xxx@xxx.dca.proxy.voicepulse.com' timed out, trying again (Attempt #3)
[2016-02-09 18:47:45] VERBOSE[2388] chan_sip.c: – Got SIP response 503 "Not registered" back from 54.175.63.250:5060
[2016-02-09 18:48:03] VERBOSE[2388][C-00000002] netsock2.c: == Using SIP RTP TOS bits 184
[2016-02-09 18:48:03] VERBOSE[2388][C-00000002] netsock2.c: == Using SIP RTP CoS mark 5
Once the SIP registration begins timing out, no incoming or outgoing phone calls are possible. Before SIP registration times out, incoming and outbound phone calls work perfectly.On the ASUS RT-66 there were no ports forwarded for the PBX, and the firewall was enabled. The ASUS did have the firewall on, as I had to forward ports for the IP camera system & fileserver, but the PBX never required ports to be forwarded.
The steps I have taken so far were to go system –-> advanced ---> firewall/nat and change firewall optimization options to conservative, and also disable firewall scrub on that same page. The situation has improved, however, I still have timeouts – just less frequent.
Would it be possible to whitelist the IP address of the SIP server I am attempting to register with? This thread comes closest to my problem, and the only solution posted was to use deprecated firmware which I'd rather not do. https://forum.pfsense.org/index.php?topic=87051.msg478452#msg478452
Any suggestions or documentation to mill over would be amazing – I've went over much of the forum and documentation but can't seem to find a configuration that stops the timeouts.
Thank you!