Pfsense 2.2.4 with Sipxcom SIP problems
305 views
Skip to first unread message
Richard Giraldo
Oct 12, 2015, 8:50:20 AM10/12/15
to sipxcom-users
Good day, After many long hours trolling google and the forum I decided to create an account to ask for help.
My setup:
Pfsense 2.2.4 WAN, LAN, VOIP interface.
My problem is with the VOIP interface. My system seems to work perfectly only when I reboot the Pfsense box. After a min or 2 it will not allow a call to go out or in. I get a busy Dial tone when calling out/ I get to the Auto Attendant coming in however when I select an ext it drops the call, no MOH.
I have set the NAT Outbound to Static.
I have set the NAT Inbound Rules t0 ports, 5060,5061,5080 RTP 1024-65535 per ITSP requirements. The Voip machine is running (Sipxcom).
I duplicated my Nat Outbound rule to match the Inbound rule to ensure my header/ports don't get rewritten (Also Static Route).
SipXbridge communicates on 5080, my ITSP communicates on 5060. So I have an Inbound rule Source 5060, redirect 5080
In Advanced: Firewall and NAT. Firewall Optimization Options I have set to Normal. If I set it to conservative it will not work if I reboot the machine. If its set to normal and reboot router then it works for a few min.
So I think this is where my problem is. If someone can assist me please I would appreciate it.
My setup:
Pfsense 2.2.4 WAN, LAN, VOIP interface.
My problem is with the VOIP interface. My system seems to work perfectly only when I reboot the Pfsense box. After a min or 2 it will not allow a call to go out or in. I get a busy Dial tone when calling out/ I get to the Auto Attendant coming in however when I select an ext it drops the call, no MOH.
I have set the NAT Outbound to Static.
I have set the NAT Inbound Rules t0 ports, 5060,5061,5080 RTP 1024-65535 per ITSP requirements. The Voip machine is running (Sipxcom).
I duplicated my Nat Outbound rule to match the Inbound rule to ensure my header/ports don't get rewritten (Also Static Route).
SipXbridge communicates on 5080, my ITSP communicates on 5060. So I have an Inbound rule Source 5060, redirect 5080
In Advanced: Firewall and NAT. Firewall Optimization Options I have set to Normal. If I set it to conservative it will not work if I reboot the machine. If its set to normal and reboot router then it works for a few min.
So I think this is where my problem is. If someone can assist me please I would appreciate it.
Matthew Kitchin
Oct 12, 2015, 9:38:58 AM10/12/15
to sipxco...@googlegroups.com
The 5060 to 5080 redirect can work. I have used it. Can you get a
packet capture?
--
You received this message because you are subscribed to the Google Groups "sipxcom-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sipxcom-user...@googlegroups.com.
To post to this group, send email to sipxco...@googlegroups.com.
Visit this group at http://groups.google.com/group/sipxcom-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/sipxcom-users/4f6a3220-2199-41ab-a386-2020dcf356a4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Richard Giraldo
Oct 12, 2015, 9:44:54 AM10/12/15
to sipxcom-users
Not sure what the best way should be to get one. Whats the best app to accomplish this?
Thanks
Michael Picher
Oct 12, 2015, 9:46:23 AM10/12/15
to Richard Giraldo, sipxcom-users
Consult the wiki... http://wiki.sipxcom.org/display/sipXcom/General+FAQ
--
You received this message because you are subscribed to the Google Groups "sipxcom-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sipxcom-user...@googlegroups.com.
To post to this group, send email to sipxco...@googlegroups.com.
Visit this group at http://groups.google.com/group/sipxcom-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/sipxcom-users/971809f7-7202-4493-973f-00a1345b6421%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
Thanks,
Mike
-----------------------------------------------------------------------------------------
There are 10 types of people in this world... Those who understand binary and those who don't.
Matthew Kitchin
Oct 12, 2015, 9:57:09 AM10/12/15
to sipxco...@googlegroups.com
On a sipxcom server or linux firewall, tcpdump would do well.
Wireshark is a good one.
--
Mihai Costache
Oct 12, 2015, 10:00:43 AM10/12/15
to Matthew Kitchin, sipxco...@googlegroups.com
Will be good to capture logs from pfsense too: Diagnostics-->Packet Capture--->Interface Wan, to see what reach your outbound interface when comparing to your sipxcom packets
Best Regards,
Mihai Costache
"No problem can withstand the assault of sustained thinking. "
- Voltaire
To view this discussion on the web visit https://groups.google.com/d/msgid/sipxcom-users/561BBC33.2080107%40gmail.com.
Richard Giraldo
Oct 12, 2015, 10:26:34 AM10/12/15
to sipxcom-users
Ok I just figured out how house the command, now I just need to be able to print it or copy the result. I will reply post this evening.
Thank you
On Monday, October 12, 2015 at 8:50:20 AM UTC-4, Richard Giraldo wrote:
pmkr...@gmail.com
Oct 12, 2015, 10:27:53 AM10/12/15
to sipxcom-users, mkitchi...@gmail.com
If you are using an un-managed gateway to connect to your ITSP, then Sipxcom does not issue UDP packets every 10 seconds (SIP Trunk gateway in Sipxcom does this) to the ITSP that keeps the firewall state alive in Pfsense. From your description, I'd explore this avenue. If you are using a SIP trunk gateway to connect to your ITSP with, there is a SIP keep-alive option in the advanced settings of the ITSP page - make sure it is set to the default values.
You can determine whether this is the issue by rebooting pfsense and going immediately to the diagnostics -> state menu and specify the public IP address of your ITSP. Refresh the browser frequently - when states start dropping to your ITSP, then try placing an incoming call to Sipxcom. I'd also do a packet capture from pfsense on the WAN interface, and filter on the public IP address of the ITSP and see what traffic is going back and forth. If there is no traffic between your ITSP and WAN interface of Pfsense for 2-3 minutes, then this is probably the issue.
Some ITSPs offer the ability to send SIP options to your router to keep NAT firewall states open.
Hope this helps.
Peter
You can determine whether this is the issue by rebooting pfsense and going immediately to the diagnostics -> state menu and specify the public IP address of your ITSP. Refresh the browser frequently - when states start dropping to your ITSP, then try placing an incoming call to Sipxcom. I'd also do a packet capture from pfsense on the WAN interface, and filter on the public IP address of the ITSP and see what traffic is going back and forth. If there is no traffic between your ITSP and WAN interface of Pfsense for 2-3 minutes, then this is probably the issue.
Some ITSPs offer the ability to send SIP options to your router to keep NAT firewall states open.
Hope this helps.
Peter
Richard Giraldo
Oct 12, 2015, 10:48:55 AM10/12/15
to sipxcom-users
OK in SIP (Signaling keep-alive interval)
I set the default from 20 to 40. It is working at the moment. I will test it before I run out to verify that it will hold.
I set the default from 20 to 40. It is working at the moment. I will test it before I run out to verify that it will hold.
Will keep you posted.
Thank you
On Monday, October 12, 2015 at 8:50:20 AM UTC-4, Richard Giraldo wrote:
Richard Giraldo
Oct 12, 2015, 10:56:50 AM10/12/15
to sipxcom-users
OK this did not last long. What would be the recommended keep alive number to use?
Thank you
On Monday, October 12, 2015 at 8:50:20 AM UTC-4, Richard Giraldo wrote:
On Monday, October 12, 2015 at 8:50:20 AM UTC-4, Richard Giraldo wrote:
pmkr...@gmail.com
Oct 12, 2015, 11:40:30 AM10/12/15
to sipxcom-users
Richard - On the Devices->Gateway menu, can you post what model of gateway has been defined to the ITSP (right-hand side of the menu) - it should say something like 'SIP TRUNK' or 'UNMANAGED GATEWAY'.
Peter
Peter
Richard Giraldo
Oct 12, 2015, 11:57:20 AM10/12/15
to sipxcom-users
Yes it is sip trunk.
Richard Giraldo
Oct 12, 2015, 12:11:56 PM10/12/15
to sipxcom-users
Sorry I'm driving. Yes it's a sip trunk and the itsp had a static route to my ip. Don't need to authenticate.
I can call out and in when I raise the time to live. So I think we are in the right path. I'm just wondering if the itsp has a role to play to keep the path open
pmkr...@gmail.com
Oct 12, 2015, 1:26:10 PM10/12/15
to sipxcom-users
Richard, hope you are not reading this again while driving :). I stand to be corrected, but do not believe that changing the TTL option in Sipxbridge will properly resolve the issue - I suspect the keepalives are not issued by Sipxbridge when there is no trunk registration. In your setup with Pfsense, you should always be able to place an outgoing call to your ITSP. After placing that outgoing call, incoming calls will be processed as well until the firewall state for that session expires (2-3 minutes). When expired, incoming calls from your ITSP will be blocked until another outgoing call from Sipxcom is placed - when there is no incoming/outgoing voice traffic, the firewall state will expire again and incoming calls will be blocked.
I suggest putting in a static rule that allows 5080 traffic from your ITSP's IP address to be processed through Pfsense.
Peter
I suggest putting in a static rule that allows 5080 traffic from your ITSP's IP address to be processed through Pfsense.
Peter
Richard Giraldo
Oct 12, 2015, 2:46:33 PM10/12/15
to sipxcom-users
Here is a call in and a call out after I rebooted the Router. I will capture another set after the system goes down.
14:37:58.842598 IP 69.34.39.147 > 69.34.39.129: ICMP echo request, id 53809, seq 12545, length 60
14:37:58.849562 IP 69.34.39.129 > 69.34.39.147: ICMP echo reply, id 53809, seq 12545, length 60
14:37:59.392799 IP 69.34.39.147.47069 > 8.8.4.4.53: UDP, length 44
14:37:59.491776 IP 8.8.4.4.53 > 69.34.39.147.47069: UDP, length 681
14:37:59.492886 IP 69.34.39.147.4554 > 205.171.3.26.53: UDP, length 49
14:37:59.617376 IP 205.171.3.26.53 > 69.34.39.147.4554: UDP, length 364
14:37:59.843587 IP 69.34.39.147 > 69.34.39.129: ICMP echo request, id 53809, seq 12801, length 60
14:37:59.850608 IP 69.34.39.129 > 69.34.39.147: ICMP echo reply, id 53809, seq 12801, length 60
14:38:00.178302 IP 69.34.39.147.5060 > 208.93.226.215.5060: UDP, length 4
14:38:00.183471 IP 69.34.39.147.3480 > 216.93.246.18.3478: UDP, length 28
14:38:00.231483 IP 216.93.246.18.3478 > 69.34.39.147.3480: UDP, length 92
14:38:00.232237 IP 69.34.39.147.60748 > 8.8.8.8.53: UDP, length 55
14:38:00.292962 IP 17.143.160.33.5223 > 69.34.39.147.53033: tcp 730
14:38:00.346465 IP 69.34.39.147.57463 > 202.30.124.100.53: UDP, length 45
14:38:00.412333 IP 8.8.8.8.53 > 69.34.39.147.60748: UDP, length 55
14:38:00.412641 IP 69.34.39.147.61384 > 205.171.3.26.53: UDP, length 55
14:38:00.548641 IP 202.30.124.100.53 > 69.34.39.147.57463: UDP, length 606
14:38:00.548781 IP 69.34.39.147.43663 > 218.232.110.188.53: UDP, length 45
14:38:00.548835 IP 69.34.39.147.15689 > 218.50.6.241.53: UDP, length 45
14:38:00.554731 IP 205.171.3.26.53 > 69.34.39.147.61384: UDP, length 55
14:38:00.554962 IP 69.34.39.147.10418 > 69.41.244.254.53: UDP, length 55
14:38:00.598810 IP 69.41.244.254.53 > 69.34.39.147.10418: UDP, length 55
14:38:00.599288 IP 69.34.39.147.33341 > 216.93.240.1.53: UDP, length 55
14:38:00.654191 IP 216.93.240.1.53 > 69.34.39.147.33341: UDP, length 55
14:38:00.654700 IP 69.34.39.147.51918 > 216.93.250.1.53: UDP, length 55
14:38:00.708696 IP 216.93.250.1.53 > 69.34.39.147.51918: UDP, length 55
14:38:00.709027 IP 69.34.39.147.38265 > 205.171.3.26.53: UDP, length 44
14:38:00.777002 IP 218.50.6.241.53 > 69.34.39.147.15689: UDP, length 90
14:38:00.781415 IP 218.232.110.188.53 > 69.34.39.147.43663: UDP, length 143
14:38:00.783381 IP 69.34.39.147.64281 > 184.51.145.24.53: UDP, length 51
14:38:00.783478 IP 69.34.39.147.50625 > 184.26.161.192.53: UDP, length 47
14:38:00.783571 IP 69.34.39.147.47054 > 2.16.40.192.53: UDP, length 47
14:38:00.783676 IP 69.34.39.147.36521 > 96.7.50.192.53: UDP, length 49
14:38:00.783768 IP 69.34.39.147.54249 > 96.7.49.194.53: UDP, length 51
14:38:00.783848 IP 69.34.39.147.36441 > 2.16.40.192.53: UDP, length 47
14:38:00.783936 IP 69.34.39.147.43163 > 184.26.161.192.53: UDP, length 47
14:38:00.784017 IP 69.34.39.147.47841 > 95.100.174.192.53: UDP, length 51
14:38:00.784107 IP 69.34.39.147.7683 > 96.7.49.194.53: UDP, length 51
14:38:00.784181 IP 69.34.39.147.58320 > 184.26.161.192.53: UDP, length 47
14:38:00.784261 IP 69.34.39.147.29124 > 95.101.36.192.53: UDP, length 51
14:38:00.800600 IP 2.16.40.192.53 > 69.34.39.147.47054: UDP, length 113
14:38:00.805077 IP 2.16.40.192.53 > 69.34.39.147.36441: UDP, length 113
14:38:00.810726 IP 184.51.145.24.53 > 69.34.39.147.64281: UDP, length 56
14:38:00.812225 IP 95.100.174.192.53 > 69.34.39.147.47841: UDP, length 117
14:38:00.821344 IP 96.7.50.192.53 > 69.34.39.147.36521: UDP, length 115
14:38:00.832371 IP 69.34.39.147.9105 > 172.224.198.224.80: tcp 0
14:38:00.841060 IP 184.26.161.192.53 > 69.34.39.147.50625: UDP, length 113
14:38:00.844589 IP 69.34.39.147 > 69.34.39.129: ICMP echo request, id 53809, seq 13057, length 60
14:38:00.846711 IP 184.26.161.192.53 > 69.34.39.147.58320: UDP, length 113
14:38:00.847943 IP 184.26.161.192.53 > 69.34.39.147.43163: UDP, length 113
14:38:00.849665 IP 172.224.198.224.80 > 69.34.39.147.9105: tcp 0
14:38:00.851151 IP 205.171.3.26.53 > 69.34.39.147.38265: UDP, length 44
14:38:00.851323 IP 69.34.39.147.45825 > 8.8.8.8.53: UDP, length 44
14:38:00.851484 IP 69.34.39.147.9105 > 172.224.198.224.80: tcp 0
14:38:00.851719 IP 69.34.39.147.9105 > 172.224.198.224.80: tcp 94
14:38:00.852861 IP 69.34.39.129 > 69.34.39.147: ICMP echo reply, id 53809, seq 13057, length 60
14:38:00.872095 IP 172.224.198.224.80 > 69.34.39.147.9105: tcp 0
14:38:00.875301 IP 172.224.198.224.80 > 69.34.39.147.9105: tcp 377
14:38:00.875315 IP 172.224.198.224.80 > 69.34.39.147.9105: tcp 0
14:38:00.876333 IP 69.34.39.147.9105 > 172.224.198.224.80: tcp 0
14:38:00.876512 IP 69.34.39.147.9105 > 172.224.198.224.80: tcp 0
14:38:00.876733 IP 69.34.39.147.9105 > 172.224.198.224.80: tcp 0
14:38:00.877523 IP 96.7.49.194.53 > 69.34.39.147.54249: UDP, length 117
14:38:00.884417 IP 96.7.49.194.53 > 69.34.39.147.7683: UDP, length 117
14:38:00.897207 IP 172.224.198.224.80 > 69.34.39.147.9105: tcp 0
14:38:00.994542 IP 95.101.36.192.53 > 69.34.39.147.29124: UDP, length 117
14:38:01.005896 IP 69.34.39.147.6484 > 198.38.125.171.80: tcp 491
14:38:01.005911 IP 69.34.39.147.21433 > 198.38.125.171.80: tcp 493
14:38:01.026082 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.027787 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.028786 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.030000 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.030487 IP 69.34.39.147.6484 > 198.38.125.171.80: tcp 0
14:38:01.031007 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.031915 IP 69.34.39.147.6484 > 198.38.125.171.80: tcp 0
14:38:01.032158 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.033216 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.033534 IP 69.34.39.147.6484 > 198.38.125.171.80: tcp 0
14:38:01.034688 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.035440 IP 69.34.39.147.6484 > 198.38.125.171.80: tcp 0
14:38:01.035877 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.036898 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.037225 IP 69.34.39.147.6484 > 198.38.125.171.80: tcp 0
14:38:01.037902 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.038685 IP 69.34.39.147.6484 > 198.38.125.171.80: tcp 0
14:38:01.039120 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.040117 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.040489 IP 69.34.39.147.6484 > 198.38.125.171.80: tcp 0
14:38:01.041583 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.041678 IP 69.34.39.147.6484 > 198.38.125.171.80: tcp 0
14:38:01.042586 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.044051 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.044335 IP 69.34.39.147.6484 > 198.38.125.171.80: tcp 0
14:38:01.045045 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.046259 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.046317 IP 69.34.39.147.6484 > 198.38.125.171.80: tcp 0
14:38:01.047262 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.047749 IP 69.34.39.147.6484 > 198.38.125.171.80: tcp 0
14:38:01.048485 IP 198.38.125.171.80 > 69.34.39.147.6484: tcp 1448
14:38:01.049380 IP 69.34.39.147.6484 > 198.38.125.171.80: tcp 0
Here it is with no calls allowed
14:44:26.681977 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.682272 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.682982 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.683882 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.683894 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.684125 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.685016 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.685198 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.686410 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.686663 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.687412 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.688202 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.688876 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.689666 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.689673 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.689873 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.691097 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.691372 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.692105 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.692829 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.693312 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.694257 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.694270 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.694319 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.695787 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.696029 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.697019 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.697255 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.698244 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.698537 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.699246 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.700009 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.700482 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.701363 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.701375 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.701460 IP 198.38.125.171.80 > 69.34.39.147.17082: tcp 1448
14:44:26.702918 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.702998 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.703917 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.704339 IP 69.34.39.147.17082 > 198.38.125.171.80: tcp 0
14:44:26.705141 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.705904 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.706012 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.706139 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.707357 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.707600 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.708358 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.709146 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.709158 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.709592 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.710374 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.710574 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.712116 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.712286 IP 198.38.125.171.80 > 69.34.39.147.17082: tcp 1448
14:44:26.713289 IP 198.38.125.171.80 > 69.34.39.147.17082: tcp 1448
14:44:26.713640 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.714505 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.714891 IP 69.34.39.147.17082 > 198.38.125.171.80: tcp 0
14:44:26.715504 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.716382 IP 69.34.39.147.17082 > 198.38.125.171.80: tcp 0
14:44:26.716451 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.716463 IP 69.34.39.147.17082 > 198.38.125.171.80: tcp 0
14:44:26.716625 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.717526 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.717720 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.719164 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.719183 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.720182 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.720603 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.721405 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.722176 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.722397 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.723371 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.723383 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.723614 IP 198.38.125.171.80 > 69.34.39.147.17082: tcp 1448
14:44:26.724615 IP 198.38.125.171.80 > 69.34.39.147.17082: tcp 1448
14:44:26.724963 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.726102 IP 198.38.125.171.80 > 69.34.39.147.12927: tcp 1448
14:44:26.726180 IP 69.34.39.147.17082 > 198.38.125.171.80: tcp 0
14:44:26.727095 IP 198.38.125.171.80 > 69.34.39.147.12927: tcp 1448
14:44:26.727834 IP 69.34.39.147.12927 > 198.38.125.171.80: tcp 0
14:44:26.727846 IP 69.34.39.147.17082 > 198.38.125.171.80: tcp 0
14:44:26.728340 IP 198.38.125.171.80 > 69.34.39.147.12927: tcp 1448
14:44:26.729382 IP 198.38.125.171.80 > 69.34.39.147.12927: tcp 1164
14:44:26.730526 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.731740 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.731955 IP 69.34.39.147.12927 > 198.38.125.171.80: tcp 0
14:44:26.731963 IP 69.34.39.147.12927 > 198.38.125.171.80: tcp 0
14:44:26.732742 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.733083 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.733962 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.734454 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.734956 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.735751 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.735953 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.737220 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.737231 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.737417 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
14:44:26.738318 IP 69.34.39.147.37647 > 198.38.125.171.80: tcp 0
14:44:26.738417 IP 198.38.125.171.80 > 69.34.39.147.37647: tcp 1448
pmkr...@gmail.com
Oct 12, 2015, 4:03:26 PM10/12/15
to sipxcom-users
Richard, screenscrapes of packet captures from Pfsense are normally not productive. As suggested earlier by others, download the packet capture to your desktop and read the pcap file using Wireshark. As well, the default packet capture size with Pfsense is 100 - change it to 10000 (but do not cut-paste into the thread :)).
I did notice this packet though in the working call:
14:38:00.178302 IP 69.34.39.147.5060 > 208.93.226.215.5060: UDP, length 4.
It looks like 69.34.39.147 is the Pfsense WAN address and 208.93.226.215 is the ITSP. If Sipxcom was configured to use Sipxbridge, the packet would show up as 5080 rather than 5060. Check the model of the gateway again pointed at the ITSP - it is probably showing as 'unmanaged gateway' in Sipxcom. There are two types of 'SIP Trunk' models that can be used for ITSPs - 'SIP Trunk' which uses Sipxbridge as a pseudo SBC - it uses port 5080. The other type of trunk model is an 'Unmanaged Gateway'. With unmanaged gateways, there is definitely no SIP keepalive support, so you will need to open up a firewall port (for reasons described previously).
In Pfsense, go to Diagnostics->States, and enter 208.93.226.215 in the filter field - you will see all the firewall state information for traffic between your ITSP and Sipxcom. If you capture the state for working versus non-working calls and perform some analysis, you should be able to validate my supposition that adding a firewall rule that allows incoming 5060 traffic from the ITSP (208.93.226.215) should work ..
Hope this helps.
Peter
I did notice this packet though in the working call:
14:38:00.178302 IP 69.34.39.147.5060 > 208.93.226.215.5060: UDP, length 4.
It looks like 69.34.39.147 is the Pfsense WAN address and 208.93.226.215 is the ITSP. If Sipxcom was configured to use Sipxbridge, the packet would show up as 5080 rather than 5060. Check the model of the gateway again pointed at the ITSP - it is probably showing as 'unmanaged gateway' in Sipxcom. There are two types of 'SIP Trunk' models that can be used for ITSPs - 'SIP Trunk' which uses Sipxbridge as a pseudo SBC - it uses port 5080. The other type of trunk model is an 'Unmanaged Gateway'. With unmanaged gateways, there is definitely no SIP keepalive support, so you will need to open up a firewall port (for reasons described previously).
In Pfsense, go to Diagnostics->States, and enter 208.93.226.215 in the filter field - you will see all the firewall state information for traffic between your ITSP and Sipxcom. If you capture the state for working versus non-working calls and perform some analysis, you should be able to validate my supposition that adding a firewall rule that allows incoming 5060 traffic from the ITSP (208.93.226.215) should work ..
Hope this helps.
Peter
Message has been deleted
Richard Giraldo
Oct 12, 2015, 7:20:24 PM10/12/15
to sipxcom-users
My apologies, I am working and sometimes I speed read and I thought someone was interested in the packet shot. I cleaned the rules up a bit and now I see 5080 out to 5060 and back in reverse.
I decided to get a edgemarc router.:)
Going to do some research on it before I buy it. I just need have a stable setup. What drive me crazy is that I replicated the setting from my old backup and nothing worked. Lol.
If you have any alternate recommendation on a router please forward it.
Thanks
Richard Giraldo
Oct 12, 2015, 10:00:55 PM10/12/15
to sipxcom-users
OK Im like a crack head, can't get this out of my mind.
What my finale conclusion of this issue has turn out to be the state table. So when I reboot the router things are back to normal. Or if I rest the state table, the same.
I checked the (Disable PF SCRUBBING OPTION) in Advance/Firewall,NAT
Going to see if that corrects the state table issue.
Todd Hodgen
Oct 13, 2015, 4:39:44 AM10/13/15
to Richard Giraldo, sipxcom-users, pmkr...@gmail.com
I’ve never heard of anyone having to edit that file. You should be able to do everything in your web gui for the gateway.
Todd R. Hodgen
President / Founder
Sound IP Telecom
206-432-4344 - Direct
206-390-4689 - Cell
Your Puget Sound Telcom Partner
Do you Like Snow, Rain, Sleet, Hail, Thunder, Lightning?
If you do, then you will love the Cloud!
We appreciate your business referrals!
A Division of Misiu Systems LLC
From: sipxco...@googlegroups.com [mailto:sipxco...@googlegroups.com]
On Behalf Of Richard Giraldo
Sent: Monday, October 12, 2015 3:51 PM
To: sipxcom-users <sipxco...@googlegroups.com>
Cc: pmkr...@gmail.com
Subject: [sipxcom-users] Re: Pfsense 2.2.4 with Sipxcom SIP problems
OK I will do that right now. I did download the sipbridege.xml.txt. My question is the external address. Is the external address the same as internal one?
<?xml version="1.0" ?>
<sipxbridge-config xmlns="http://www.sipfoundry.org/sipX/schema/xml/sipxbridge-00-00">
<bridge-configuration>
<external-address>192.168.18.43</external-address>
<external-port>5080</external-port>
<local-address>192.168.18.43</local-address>
<local-port>5090</local-port>
--
You received this message because you are subscribed to the Google Groups "sipxcom-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
sipxcom-user...@googlegroups.com.
To post to this group, send email to
sipxco...@googlegroups.com.
Visit this group at http://groups.google.com/group/sipxcom-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/sipxcom-users/cadc1110-fa98-410c-af7d-1b5da55e4948%40googlegroups.com.
Michael Picher
Oct 13, 2015, 4:51:40 AM10/13/15
to Todd Hodgen, Richard Giraldo, sipxcom-users, pmkr...@gmail.com
The outside IP address should be the outside address of the firewall that is NAT'd back to the server's IP address.
To view this discussion on the web visit https://groups.google.com/d/msgid/sipxcom-users/BLUPR0701MB10420139385FD6D899A08EA5FD300%40BLUPR0701MB1042.namprd07.prod.outlook.com.
For more options, visit https://groups.google.com/d/optout.
--
Michael Picher, VP of Product Innovation
eZuce, Inc.
300 Brickstone Square
Suite 104
Andover, MA. 01810
Notice: This transmittal and/or attachments may be privileged or confidential. It is intended solely for the addressee(s) named above. Any dissemination, or copying is strictly prohibited. If you received this transmittal in error, please notify us immediately by reply and immediately delete this message and all its attachments. Thank you. FMS
Richard Giraldo
Oct 13, 2015, 9:18:51 AM10/13/15
to sipxcom-users
Not sure where to change that. Going to look
Thabks
Richard Giraldo
Oct 16, 2015, 11:10:35 PM10/16/15
to sipxcom-users
I found what I did wrong. In Nat Outbound, When creating a static route. I followed the requirements to complete the steps. However when I went onto diagnose-state and type in my voip server ip, & kill. I did not connect the server to the network. Some how I needed to have the machine connected before I call out the ip address and kill.
After that the state table is clean and holding.
Thank for the help guys I learned a lot in this short request.
As for the sipxbridge.xml file. The external IP is the machine IP.
On Monday, October 12, 2015 at 8:50:20 AM UTC-4, Richard Giraldo wrote:
Reply all
Reply to author
Forward
0 new messages