Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 27 subscribers
  • Views 9091 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Issues with VOIP - Internal PBX, outbound works fine, inbound does not.

WaterVsAnchor

So I've got an issue. Running 9.509-3 -

Internal PBX (FreePBX) behind my Sophos UTM, separate network from my main network. I've got 3 interfaces. WAN, LAN, and VOIP. Outbound calls from my PBX get through Sophos UTM just fine, however, inbound calls are NOT getting through - BUT inbound calls DO come through for a few minutes AFTER an outbound call is made.

My current config looks like this -

VOIP Service off

Firewall Rule

FreePBX -> SIP Ports -> Trunk Provider

DNAT

AnyIPv4 -> SIP -> WAN (Address) -> FreePBX

Any ideas as to what I'm doing wrong?



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    are you a member of the UTM forum, when you are a mode will move this thread to the UTM forum.

    What you are advising is that your is that outbound rule works and when a call has established a connection that enables the external source to connect. When that call completes there is no known connection into the PBX so the calls are blocked.

    Why have you disabled the SIP helper?

    What does the log show for the incoming calls that fail?

    Ian

  • 0 in reply to rfcat_vk

    Thanks for the reply. Didn't realize I posted this in the XG section until you said something! Woops!

    I'm pretty green when it comes to Sophos UTM.

    Sounds like you understand what's going on. Outbound calls work fine but inbound calls generally do not come through (No busy signal, just dead silence). If an outbound call is made, inbound calls DO work for a short duration.

    I've tried using the SIP Helper with no luck. Wouldn't mind using it if it would work. I've tried using my trunk provided IP as the SIP Server Network and my PBX Host IP as the SIP Client Network with no luck.

    I haven't been able to locate any failed incoming calls in the logs, though I may be looking in the wrong spot?

  • 0 in reply to WaterVsAnchor

    So I've noticed on my UTM that when the inbound calls don't work I get a hit on the firewall logs for my DNAT rule for my VOIP Provider > External WAN on port 5060

    When inbound calls DO work, I get a hit for my DNAT rule, same IPs, but the port always shows as one of the RTP ports. So either way the calls ARE hitting at least the WAN interface

Reply
  • 0 in reply to WaterVsAnchor

    So I've noticed on my UTM that when the inbound calls don't work I get a hit on the firewall logs for my DNAT rule for my VOIP Provider > External WAN on port 5060

    When inbound calls DO work, I get a hit for my DNAT rule, same IPs, but the port always shows as one of the RTP ports. So either way the calls ARE hitting at least the WAN interface

Children
  • 0 in reply to WaterVsAnchor

    Hi,

    I will be a bit slow in answering, on holidays and get on the web when the tour guide (wife) doesn't have anything organised.

    What setting did you use the in the SIP helper, I have only used with 2 different VoIP providers and had success with incoming and outgoing calls.

    Ian

  • 0 in reply to rfcat_vk

    So I ended up putting in a call to Sophos. They got on my system and went through all of my configurations as well as watching the logs for both incoming and outgoing and it was determined that the UTM was NOT causing the issue (Odd since the issue happened before and changing the settings on the UTM fixed it). This lead us directly to the PBX as the issue. On the PBX, I had this configuration for my SIP trunk -

    type=peer
    nat=no
    host= <trunk IP>
    dtmfmode=inband
    disallow=all
    context=from-trunk
    canreinvite=no
    allow=ulaw&alaw

    I did some digging and found the qualify = xxx|no|yes option and decided to add that in. Didn't fix it, BUT, now instead of dead silence on an incoming call I started getting a busy signal, which proved to me that it was getting through the firewall. So, I changed the settings to this -

    type=peer
    nat=yes
    host= <trunk IP>
    dtmfmode=inband
    disallow=all
    context=from-trunk
    canreinvite=no
    allow=ulaw&alaw
    qualify=yes

    and... VOILA! Success! Everything seems to be working fine now.

  • 0 in reply to rfcat_vk

    Hi,

    more thinking. From what you have said the issue sounds like your PABX is not registering with your SIP provider except when setting up outgoing calls.

    Ian