My VOIP system allows customers to set an sip destination they wish and all works great. My system is setup on the SRX as a static NAT, but I have come across an issue where if the B leg of the call ends the call the BYE is not received by our VOIP system. I believe that the issue is UDP timeout.
So on the initial SIP signalling, all is ok as my system initiates the communications via an INVITE to the external system. NAT is allowing them to respond. But for calls that are exceeding the timeout when that external server sends a BYE maybe 20+ minutes later to close the call the Juniper has long since closed that ability off.
What do people do in this instance, set the UDP timeout for 3 hours or so? Adding the customers IP into my firewall isn't an option as these are done on the fly by the customer and can change at any time.
The idle-timeout of a UDP session in the SRX is 1 minute; as long as there is traffic passing through the firewall matching that session, it wont expire. Does your voice system has a keepalive mechanism to make sure that the UDP session is not idle for more than 1 minute?
RTP over UDP is constant as audio is working fine for the duration. But SIP signalling is on a different port 5060 and I don't have session timers on, that will generate a re-invite ever minute which increases resources and traffic which is really un-needed.