lorsungcu
asked on
VOIP over IPSEC VPN has no audio
I have 2 pfsense firewalls with an IPSEC VPN between them. everything seems to work fine except voip. Sometimes I'll get two way audio, but generally its silent on both ends. What's odd is that if I reset firewall states, or change settings and apply them, i can usually get the first call I try to work. After that, it goes back to no audio.
Here's the layout:
phones (192.168.10.0/24) >> pfsense >> VPN >> pfsense >> (192.168.0.0/24) asterisk
Phones are registering to the local IP of the PBX (192.168.0.25) just fine. I do not have any static routes. Automatic NAT is on (for ipsec passthrough). All ports are open properly to my SIP trunks. Any ideas?
Here's the layout:
phones (192.168.10.0/24) >> pfsense >> VPN >> pfsense >> (192.168.0.0/24) asterisk
Phones are registering to the local IP of the PBX (192.168.0.25) just fine. I do not have any static routes. Automatic NAT is on (for ipsec passthrough). All ports are open properly to my SIP trunks. Any ideas?
can we see your sip_nat.conf file and any logs so we can attempt to troubleshoot? Shooting from the hip I'd say one of the phones is sending some of the traffic to the internet after it makes a connection.
ASKER
I'd love to give you my sip_nat.conf file, but we're using Switchvox, which gives you no access to configuration files. Also, as this should be all over the VPN, NAT shouldn't be an issue. If it helps, I can take screenshots of my pfsense configuration.
ASKER
When I make a call, these are the states the firewall has for the phone:
Proto Source -> Router -> Destination State
udp 192.168.10.199:5060 -> 192.168.0.25:5060 MULTIPLE:MULTIPLE
udp 192.168.0.25:5060 <- 192.168.10.199:5060 MULTIPLE:MULTIPLE
udp 192.168.1.1:123 <- 192.168.10.199:1074 NO_TRAFFIC:SINGLE
udp 192.168.10.199:1074 -> 173.165.229.145:5945 -> 192.168.1.1:123 SINGLE:NO_TRAFFIC
udp 192.168.0.25:55244 <- 192.168.10.199:2250 NO_TRAFFIC:SINGLE
udp 192.168.10.199:2250 -> 192.168.0.25:55244 SINGLE:NO_TRAFFIC
udp 192.168.0.25:55245 <- 192.168.10.199:2251 NO_TRAFFIC:SINGLE
udp 192.168.10.199:2251 -> 192.168.0.25:55245 SINGLE:NO_TRAFFIC
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.