Balance 30 Pro LTE -- RTP issues

We are currently setting up our new VoIP phone system, using SIPStation SIP trunks, and a Sangoma PBXact40 PBX. I have SIP traffic working fine (can call inbound/outbound) without issues, but no matter how I configure our Balance 30 Pro LTE router, the RTP traffic fails to go through leaving us with no audio either way. I believe I have set the appropriate inbound firewall rules, as well as the necessary port-forwarding rules:

When I do capture on the PBX, I can here the audio in the outbound RTP stream, however, the person at the other end never hears it, nor do I see/hear the inbound RPT stream.

We have dual WANs setup, with a cable and dsl broadband connection.

The SIPStation support person believes that the router is somehow blocking the RTP traffic. This is so frustrating as there is nothing to indicate what the problem might be.

Any assistance would be greatly appreciated. Thanks.

Best regards,

There are lots of fellas with experience setting up VOIP and SIP solutions, so I imagine someone with way more knowledge than me will be chiming in soon.

In the meantime, you could check on the “Service Passthrough” (Network->Misc.->Service Passthrough). Take a look at the IPSec-NAT-T service. I have seen other similar issues point back to this setting. By default, Peplink does some stuff “under the covers” - and it may be conflicting with what you are trying to do. I don’t see any obvious port conflicts based on the description of the option, but if you have the DSL connection as WAN1 - the router is going to try to send all of this traffic to that WAN. You can change it by selecting the “Route IPSec site-to-site VPN via” option and choosing your cable connection. Is your cable connection on WAN1 or WAN2?

Here is the part where I prove my ignorance… I am assuming the RTP streams are the UDP entries you have above. Shouldn’t the UDP streams go directly to the SIP phones involved in the call? I guess it could be routing all the streams through that server (, but at that point - would it need the forwarders? i.e. is that traffic still “unsolicited”? I would think that by the time the RTP stream is created, the endpoints for the call would be “known”, so the traffic should be “established” at that point. I would think that the RTP portion would just be NATted traffic (that should only require the firewall exception). If you understand the traffic patterns and can provide a visual – that might be helpful.

My apologies if I send you down the wrong path - I tried to give some disclaimers as to my ignorance. It won’t hurt my feelings one bit if you decide to wait for someone with better expertise on the matter.

1 Like

Thanks for your reply; I share some of your ‘ignorance’ as well. I have worked a couple of support persons from Sangoma, and tracing the SIP and RTP streams show that the RTP traffic is not making it through the router, no matter how I configure it. I did change the order of my WAN connections–appreciate that information! I have opened a ticket with Peplink. Again, thanks!

Have you tested other services like the peplink web service on the public ip’s?
I wonder if you have a non-routable ip address or if your provider is blocking some ports.

The public IP addresses are routeable and have spoken with both providers and neither are blocking any ports. The SIP traffic is traversing the router just fine, so things are routeable; it’s just the RTP traffic that is not going through. Thank you for your reply and suggestions!

Do you have inbound NAT setup? This would override port-forwarding.
Do you have any firewalls enabled on your cable modem?
Make sure you setup an outbound policy and set the source your PBX to the internet and hard code it to the same wan that you have the inbound sip trunk setup on.

Beyond that:
If you want to PM me your s/n , I can try to remote in and diagnosis further.
Our core business is providing sip trunks and hosted pbx over peplinks.