Hi All,
I've spent the morning trying to figure out why I can only periodically receive calls.  I'm starting to feel like i'm missing something obvious and cant see the woods for the trees.
This is a newly setup Elastix install, elastix-2.0.0-58.  Previously I had Trixbox - the same condition existed on that host as well.  I've only just got around to sorting the issue out :)
I have also recently rebuilt my firewall (about a month ago).

To clarify, I can call out, call between extensions fine, and even recieve calls -  but only periodically.  I can always receive an inbound call after placing one out.

Disclosure: a lot of the information I have provided had been obfuscated.

The network looks like:
Internet ----- ADSL Modem ----- Firewall ----- Elastix
                                                           |-- Snom M3 phone

The ADSL modem is a Nokia M1122, firewall is pfSense.

For the sake of completeness, I'll also describe the ports I've opened.
I have an entry on the ADSL modem that NAPT's the ports 5060 and 5061, UDP to the Elastix host's IP.  There are also static routes for the network that the Asterisk (Elastix) host sits on.
There are entries on the firewall allowing traffic from 58.28.20.150 (pan.wxnz.net) and 202.180.76.163 (iax.2talk.co.nz) on ports 5060 and 5061 to the Asterisk (Elastix) host.  There is no NAT performed on the pfSense firewall - it's for want of a better term a routing firewall.
In addition I only allow communication from the Asterisk (Elastix) host to 58.28.20.150 (pan.wxnz.net) and 202.180.76.163 through the firewall.

I'm fairly confident that I've got everything sorted on the firewall as I'm not seeing any traffic that I don't expect to see denied.

My peer details for peer 1 is:
username=12345abcdef
type=peer
secret=secret12345
regseconds=180
registertimeout=20
port=5060
nat=yes
maxexpirey=180
insecure=invite,port
host=pan.wxnz.net
fromuser=42345678
fromdomain=pan.wxnz.net
dtmfmode=rfc2833
disallow=all
defaultexpirey=180
context=from-trunk
canreinvite=no
allow=ulaw&alaw

User Context for peer 1:
12345abcdef

Registar String for peer 1:
42345678:secret12345:12345abcdef@pan.wxnz.net/42345678

My peer details for peer 2 is:
username=ghijkl67890
type=peer
secret=secret67890
regseconds=180
registertimeout=20
port=5060
nat=yes
maxexpirey=180
insecure=invite,port
host=pan.wxnz.net
fromuser=49876545
fromdomain=pan.wxnz.net
dtmfmode=rfc2833
disallow=all
defaultexpirey=180
context=from-trunk
canreinvite=no
allow=ulaw&alaw

User Context for peer 1:
ghijkl67890

Registar String for peer 1:
49876545:secret67890:ghijkl67890@pan.wxnz.net/49876545

I'm also confident that my call plans are OK as when the phones do work, routing etc, works perfectly and as expected.

I enabled SIP debugging to try and determine what the issue might be, but I get nothing on the console when I ring in, which suggests that the traffic isn't even getting to the Asterisk host (which is reinforced by the logs on the firewall).

A sip show registry displays:
*CLI> sip show registry
Host                           dnsmgr Username       Refresh State                Reg.Time
pan.wxnz.net:5060              N      49876545           285 Registered           Sat, 14 May 2011 13:22:27
pan.wxnz.net:5060              N      42345678           285 Registered           Sat, 14 May 2011 13:22:27
2 SIP registrations.

Interestingly enough, I can only see the registration for 42345678 at: http://myvfx.xport.co.nz/User/Registrations/

I haven't tested if the same issue exists for the second line as it's just occurred to me that I should have tested that.  I'll make sure I test to see if the second line if affected next time the condition occurs.


Sorry for the long post, hopefully I've given enough information to help you help me :)

Any ideas as to what to check next?

Cheers,
Glen