Wifi calling / FaceTime drops

So, my wife has been complaining about dropped calls and FaceTime. I decided it was most likely her mother's rickety internet. But then I looked a bit closer, and it appears that my traffic shaping may be causing the issue for inbound stuff.

I have two iPhones, two iPads, and an m-cell (VoIP device for AT&T).

I did a packet capture and saw that there is some kind of TURN protocol and SIP stuff. I am no expert in this area and I know that Peplink does some stuff under the hood with regards to SIP and ALG and UDP 4500.

I have a feeling that the iDevices are doing some sort of registration through some kind of web service URI or URL. I think this is where my issue lies. I try to maximize my links and try to “balance” as much as I can. Outbound TCP 80 and 443 are done in a round robin fashion. I think the devices are using these ports to register, so inbound traffic is going to come in to a seemingly random WAN. But then I have outbound policies to keep UDP 4500 onto my WAN that supports VOIP. Technically, both should - but one is much more reliable for real time traffic.

Has anyone figured out how to set this up without having to restrict all traffic from a particular device to a specific WAN?

I am thinking of doing a test where I start the packet capture, then turn the phone on and monitor all the traffic. I bet I find a web request to something like wificalling.apple.com or similar. I just restrict that traffic to the WAN I want and all inbound calls should come in on the correct WAN.

Please don’t ask me to open a support ticket. This is a configuration issue that several can benefit from. It is specific to a multi-WAN environment. Has anyone already sorted through this one? Is there some other magic going on?

And I do have a persistence rule by destination for 443 traffic. The problem (I think) is with the device registration traffic. It needs to go down the WAN that you want calls to come into.

You need to create an outbound rule, and put this traffic on Priority to a single WAN. You’ll need to identify either the destination port or destination IP. You can do that by watching the sessions screen when calls are being made. The provider may use a few IPs, but they are typically in a subnet that you can specify.
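The step described in the reply above (note the destinations seen while a call is up, then reduce them to one subnet for the outbound rule) can be sketched as below. This is an added example, not part of the thread and not Peplink tooling; the session-line format, addresses and WAN names are constructed for illustration and assume IPv4.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of sessions noted during a call:
# proto, LAN source, destination ip:port, WAN used. Not a Peplink export format.
SESSIONS = """\
udp 192.168.1.23 198.51.100.10:4500 WAN1
udp 192.168.1.23 198.51.100.14:500 WAN1
tcp 192.168.1.23 198.51.100.27:443 WAN2
tcp 192.168.1.23 198.51.100.27:443 WAN1
tcp 192.168.1.23 203.0.113.5:443 WAN2
udp 192.168.1.40 198.51.100.10:4500 WAN1
"""

def parse(text):
    """Yield (proto, src, dst_ip, dst_port, wan) for each non-empty line."""
    for line in text.splitlines():
        if not line.strip():
            continue
        proto, src, dst, wan = line.split()
        ip, port = dst.rsplit(":", 1)
        yield proto, src, ip, int(port), wan

def split_destinations(text, device):
    """Destinations that `device` reached over more than one WAN.

    These are the flows a round-robin outbound policy is spreading,
    and the first candidates for a Priority rule to a single WAN.
    """
    wans = defaultdict(set)
    for proto, src, ip, port, wan in parse(text):
        if src == device:
            wans[(proto, ip, port)].add(wan)
    return {k: sorted(v) for k, v in wans.items() if len(v) > 1}

def covering_subnet(addrs):
    """Smallest single IPv4 network that contains every address given."""
    addrs = [ipaddress.ip_address(a) for a in addrs]
    if not addrs:
        raise ValueError("no addresses given")
    net = ipaddress.ip_network(f"{addrs[0]}/32")
    while not all(a in net for a in addrs):
        net = net.supernet()  # widen by one bit until all addresses fit
    return net

if __name__ == "__main__":
    print(split_destinations(SESSIONS, "192.168.1.23"))
    print(covering_subnet(["198.51.100.10", "198.51.100.14", "198.51.100.27"]))
```

Only pass `covering_subnet` addresses already known to belong to the provider; mixing in unrelated destinations widens the result far beyond what the rule should match.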