No inbound calls, suspected firewall issue

I followed Chris’s series to set it up, then I had deleted the outbound etc. for trunking.

I’m going to check with the support for my SIP provider to see if they can help and also run a SIP trace and email them over everything just to be sure

You can also run a packet capture through your firewall’s WAN port to see if you’re getting 5060 traffic when you make a call. My ChanSIP is set to 5160 internally.

```
10:37:39.888581 IP [My Public IP].5160 > 72.251.239.206.5060: UDP, length 955
10:37:39.945854 IP 72.251.239.206.5060 > [My Public IP].5160: UDP, length 555
10:37:39.946587 IP [My Public IP].5160 > 72.251.239.206.5060: UDP, length 421
10:37:39.946778 IP [My Public IP].5160 > 72.251.239.206.5060: UDP, length 1140
10:37:40.008126 IP 72.251.239.206.5060 > [My Public IP].5160: UDP, length 535
10:37:41.235656 IP 72.251.239.206.5060 > [My Public IP].5160: UDP, length 836
10:37:45.531816 IP [My Public IP].5160 > 72.251.239.206.5060: UDP, length 369
10:37:45.578716 IP 72.251.239.206.5060 > [My Public IP].5160: UDP, length 477
10:37:45.578723 IP 72.251.239.206.5060 > [My Public IP].5160: UDP, length 461
10:37:45.579371 IP [My Public IP].5160 > 72.251.239.206.5060: UDP, length 424
```

Should I make an incoming call and outgoing call on the freepbx system?

The above was from an outbound. Not a bad idea to try both.

So nothing was spotted making a call out however when I dialed my number I got this:

It looks like that traffic is getting denied which is an issue. I’d look at that deny rule to see why it’s picking up that traffic, it should be allowed in.

Your port forward rule may need to be moved above it.

I don’t think with OPNSense I can re-arrange the rules, I think it was an auto-created one:

You should be able to drag it above other rules, though I don’t see the “Default deny rule” mentioned in your packet capture, is it in Floating rules?

The default deny rule is a floating rule:

Does Opnsense have something similar to PfTop? You should be able to see established connections there. I think that log you looked at will only show denied connections.

It’s got PfTop but I’m unable to filter it to show only port 5060

Here’s what I used

I don’t think opnsense allows you to filter:

Does Firewall → Diagnostics → Packet Capture exist as an option?

It does for the WAN, see below:

Interface: WAN hn0

Capture output:

```
17:09:58.980225 00:d0:f6:b0:15:80 > 00:15:5d:00:90:00, ethertype IPv4 (0x0800), length 899: (tos 0x0, ttl 61, id 61297, offset 0, flags [none], proto UDP (17), length 885)
    185.8.92.4.5060 > 188.223.75.170.5060: [udp sum ok] SIP, length: 857
	INVITE sip:.ddns.net SIP/2.0
	Via: SIP/2.0/UDP 185.8.92.4:5060;branch=z9hG4bK090d0802;rport
	Max-Forwards: 70
	From: "" sip:**@185.8.92.4;tag=as537f43a4
	To: sip:**.ddns.net
	Contact: sip:**@185.8.92.4:5060
	Call-ID: 3960fc8f7454f7f714212840724af8c7@185.8.92.4:5060
	CSeq: 102 INVITE
	User-Agent: SureVoIP Core 2.0
	Date: Sat, 06 Feb 2021 17:10:23 GMT
	Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
	Supported: replaces, timer
	Content-Type: application/sdp
	Content-Length: 249

	v=0
	o=root 77952855 77952855 IN IP4 185.8.92.4
	s=SureVoIP Core 2.0
	c=IN IP4 185.8.92.4
	t=0 0
	m=audio 10232 RTP/AVP 8 0 101
	a=rtpmap:8 PCMA/8000
	a=rtpmap:0 PCMU/8000
	a=rtpmap:101 telephone-event/8000
	a=fmtp:101 0-16
	a=ptime:20
	a=sendrecv
17:09:59.480464 00:d0:f6:b0:15:80 > 00:15:5d:00:90:00, ethertype IPv4 (0x0800), length 899: (tos 0x0, ttl 61, id 61298, offset 0, flags [none], proto UDP (17), length 885)
    185.8.92.4.5060 > 188.223.75.170.5060: [udp sum ok] SIP, length: 857
17:10:00.479614 00:d0:f6:b0:15:80 > 00:15:5d:00:90:00, ethertype IPv4 (0x0800), length 899: (tos 0x0, ttl 61, id 61299, offset 0, flags [none], proto UDP (17), length 885)
    185.8.92.4.5060 > 188.223.75.170.5060: [udp sum ok] SIP, length: 857
17:10:02.487100 00:d0:f6:b0:15:80 > 00:15:5d:00:90:00, ethertype IPv4 (0x0800), length 899: (tos 0x0, ttl 61, id 61300, offset 0, flags [none], proto UDP (17), length 885)
    185.8.92.4.5060 > 188.223.75.170.5060: [udp sum ok] SIP, length: 857
17:10:06.495370 00:d0:f6:b0:15:80 > 00:15:5d:00:90:00, ethertype IPv4 (0x0800), length 899: (tos 0x0, ttl 61, id 61301, offset 0, flags [none], proto UDP (17), length 885)
    185.8.92.4.5060 > 188.223.75.170.5060: [udp sum ok] SIP, length: 857
17:10:14.475324 00:d0:f6:b0:15:80 > 00:15:5d:00:90:00, ethertype IPv4 (0x0800), length 899: (tos 0x0, ttl 61, id 61302, offset 0, flags [none], proto UDP (17), length 885)
    185.8.92.4.5060 > 188.223.75.170.5060: [udp sum ok] SIP, length: 857
```

I’ve edited my number that was calling and also the dial number

I’ve also completed a normal one rather than full:

|Interface|Capture output|
|---|---|
|WAN hn0|17:19:25.796754 IP 185.26.240.4.5060 > 188.223.75.170.5060: UDP, length 887|
|WAN hn0|17:19:26.296327 IP 185.26.240.4.5060 > 188.223.75.170.5060: UDP, length 887|
|WAN hn0|17:19:27.397625 IP 185.26.240.4.5060 > 188.223.75.170.5060: UDP, length 887|
|WAN hn0|17:19:29.397009 IP 185.26.240.4.5060 > 188.223.75.170.5060: UDP, length 887|
|WAN hn0|17:19:33.395182 IP 185.26.240.4.5060 > 188.223.75.170.5060: UDP, length 887|

I just thought I’d update: I’ve resolved the issue, well, someone on Reddit resolved the issue.

It turns out I had my NAT rule set incorrectly. I should have had my destination set to WAN address rather than LAN address.

I feel so stupid it was something so simple but finally got there in the end.

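Added example, not part of the original thread: a small Python check that reads non-verbose tcpdump lines like the WAN captures quoted above and flags a remote peer that keeps resending the same-size datagram at growing intervals while nothing goes back to it, which is what the inbound capture looked like before the NAT rule was fixed. The function name and the `203.0.113.10` placeholder for the redacted public IP are assumptions of this example, and matching on datagram length is a heuristic because this capture format shows no payload.

```python
import re
from collections import defaultdict

# Non-verbose tcpdump line, in the format of the captures quoted in the thread.
LINE = re.compile(
    r"(\d\d):(\d\d):(\d\d\.\d+) IP (\S+)\.(\d+) > (\S+)\.(\d+): UDP, length (\d+)")

# The thread's second capture (inbound call, taken on the firewall's WAN side).
INBOUND_ONLY = """\
17:19:25.796754 IP 185.26.240.4.5060 > 188.223.75.170.5060: UDP, length 887
17:19:26.296327 IP 185.26.240.4.5060 > 188.223.75.170.5060: UDP, length 887
17:19:27.397625 IP 185.26.240.4.5060 > 188.223.75.170.5060: UDP, length 887
17:19:29.397009 IP 185.26.240.4.5060 > 188.223.75.170.5060: UDP, length 887
17:19:33.395182 IP 185.26.240.4.5060 > 188.223.75.170.5060: UDP, length 887
"""

# Constructed sample shaped like the thread's outbound capture;
# 203.0.113.10 is a placeholder for the redacted public IP.
TWO_WAY = """\
10:37:39.888581 IP 203.0.113.10.5160 > 72.251.239.206.5060: UDP, length 955
10:37:39.945854 IP 72.251.239.206.5060 > 203.0.113.10.5160: UDP, length 555
10:37:39.946587 IP 203.0.113.10.5160 > 72.251.239.206.5060: UDP, length 421
10:37:40.008126 IP 72.251.239.206.5060 > 203.0.113.10.5160: UDP, length 535
"""

def unanswered_flows(capture, local_ip):
    """Return {(remote_ip, length): [gaps in seconds]} for inbound datagrams that
    repeat with the same size, back off between copies, and never get a reply."""
    inbound, answered = defaultdict(list), set()
    for h, m, s, src, _sport, dst, _dport, length in LINE.findall(capture):
        when = int(h) * 3600 + int(m) * 60 + float(s)
        if dst == local_ip:
            inbound[(src, int(length))].append(when)
        elif src == local_ip:
            answered.add(dst)  # something left the firewall towards this peer
    findings = {}
    for (remote, length), times in inbound.items():
        gaps = [round(b - a, 1) for a, b in zip(times, times[1:])]
        # SIP over UDP resends an unanswered INVITE on a doubling timer
        # (RFC 3261 Timer A, starting at 500 ms), so the gaps never shrink.
        backing_off = len(gaps) >= 2 and gaps == sorted(gaps)
        if remote not in answered and backing_off:
            findings[(remote, length)] = gaps
    return findings

if __name__ == "__main__":
    print(unanswered_flows(INBOUND_ONLY, "188.223.75.170"))
    print(unanswered_flows(TWO_WAY, "203.0.113.10"))
```

A finding on the WAN capture means the INVITE reached the firewall but no response left it, so the next place to look is the port forward and the rule that should pass it to the PBX.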