|
Hi all,
Sorry to be reviving an old thread, but I'm lost with this exact problem and getting close to beating my head against a wall.
I've just moved from Plusnet to UNO Fibre which has been a fantastic move.
However for various reasons I needed to keep my old copper phone number alive and I was recommended to AAnet as a way of keeping it going.
So the migration to AAnet went perfectly and the old Plusnet copper is now terminated.
Based on recommendation I got the HT801 ATA.
I followed the linked instructions for configuring the device (also reproduced in this thread) to the letter and I'm getting confirmation from both the control panel for the Grandstream and the control panel at AAnet (and confirmed by AAnet Tech) that the connection is 'registered'.
The Grandstream CP is telling me I have Unknown NAT.
My network is a fibre ONT which is connected as the Gigabit WAN port on a Watchguard XTM5 box running the latest release of pfSense.
At this point I should explain that I'm by no means any kind of expert at networking and network security and I can just about grasp basics and config according to instructions with some confidence.
My network has been built this way (previously using a PCEngines Alix box) for over a decade and has been generally flawless and low maintenance and it was set up by a friend of mine who was much more technically competent in this field, but who passed away from COVID extremely unexpectedly. I've been tinkering and maintaining ever since but this issue is proving to be a touch beyond me.
I have played with VOIP/SIP previously, mostly self-taught using config guides, having once set up PBXinaFlash and Trixbox servers behind my network with Cisco phones. That was a long time ago, though.
So it seems the one area that AAnet aren't up to speed with tutorials and hands on skills is configuring pfSense to work with their SIP setups.
The pfSense box has a very private, very secure SERVER subnet which I run a home hosted email/groupware server from which again requires little maintenance, it just runs and runs. It also has a dedicated WIFI subnet which essentially feeds an ASUS AX series wireless router in access point mode. And then there's the LAN subnet, on which all my statically addressed devices are preconfigured.
And this is where the Grandstream now resides, manually configured.
I can access it for admin login and it is set to exclusively use IPv4 for simplicity.
My UNO connection is an '8 IP' option but I haven't learned how to use that yet so the WAN is set to the principal IP address of the internet connection which also has rDNS configured for my mail server.
So here I am with this 'registered' ATA.
I have tried the best I can to configure the firewall rules recommended in the linked AAnet settings guide, by configuring them on the WAN port and setting up an alias for the Grandstream as the destination.
I'm guessing that there could be something wrong in these settings.
AAnet Tech have claimed I should just disable the firewall rules and the Grandstream will find its own way through the firewall, their concern being that their system is not guaranteed to work with NAT. That, of course, leaves me concerned about security for reasons I'll come to momentarily.
I HAVE had very limited and problematic success with the ATA and the Panasonic cordless phone (4 handset) that's plugged into it.
If I pick a handset up and turn it on I HAVE HAD but do not always have a dialling tone. I can't figure out what I'm doing or not doing at the time that this chooses to work or not work.
The ATA CP recognises on hook/off hook status.
This is where it gets really weird.
I HAVE HAD calls from outside coming in to the ATA/Phone. I have called the line from my mobile and occasionally had that 'I'm ringing' tone in the mobile earpiece with the on screen message that the phone is connecting. And when I get that tone I usually get ringing on the ATA/Phone and can answer the phone and even conduct a perfectly serviceable call with myself.
It's just that the box doesn't maintain that capability for very long, and most of the time if I dial in from my mobile I get the screen saying 'connecting' but not the 'I'm ringing' dial tone.
Even more strange is that a lot of the time I don't get the dial tone or the 'I'm ringing' tone on the Panasonic handset but - stranger still - on the recipient's phone the line will ring three times and disconnect but leave CID.They then cannot ring me back, and end up calling me on my mobile.
So I've been frustrated and doing a lot of powering off the ATA and powering it on again, which doesn't seem to restore functionality but if I log into the ATA as admin and change some setting and then apply and save, it sometimes pops back into life.
So I've been miserable trying to spend the last five days researching and hoping to get instructions more detailed than the ones already discussed.
But then when I just left it, strange things started happening...
While I had the firewall rules disabled (AAnet advice) we would randomly receive a call to the landline showing a CID of 100 which was literally a dead call. It happened at 2am and nearly gave us a heart attack.and I just pulled the plug on the box. A bit more research led me to the conclusion these were malevolent probes to SIP port, so I enabled those firewall rules and I guess something about them was right because we've not had those random 100 calls since.
I could really use the help of someone who has a nearly identical setup fully working to share advice with me, and ideally also someone who knows pfSense inside out who could tell me how to write the port forwarding if that is necessary, and anyone who knows other tweaks for AAnet connections and the Grandstream box like 'keep alives' or 'stun' or 'proxy servers' or server priorities or anything else that might miraculously get this all working so I can stop stressing and just use the stupid thing.
I would really appreciate your help.
Thanks
|