Is there some settings in sip_chan that could affect from which port number Asterisk sends replies (like 180, 200, 404 etc) to SIP requests? Or at least how to force Asterisk to use same port for replies as for incoming SIP requests?
I’ve got a following situation. Asterisk 13 has public IP address. In iptables there are only ports 5060/UDP, 10000-20000/UDP permitted for incoming traffic, along with related/established connections. Incoming call from some SIP peer:
peer:5060 INVITE → asterisk:5060
asterisk:37601 200-OK → peer:5060
peer:5060 ACK → asterisk:37601
(few minutes on line, a caller wants to hangup)
peer:5060 BYE → asterisk:37601
and this BYE never achieves Asterisk itself, as conntrack entry for UDP persists only for 30 seconds and by the time BYE request finally arrives, a firewall is already “closed” for it.
Why Asterisk can to act like this and how to solve this issue?