Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    VoIP SIP telephone, static-route.

    Scheduled Pinned Locked Moved NAT
    19 Posts 8 Posters 15.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      hoba
      last edited by

      And to stop the confusion, you need a static port, not a static route.

      1 Reply Last reply Reply Quote 0
      • M
        micke
        last edited by

        i've spend lots of time to figure how to get it to work. only progress is still that i managed to call from my voipphone to
        my mobile and it was only one directioncall ..  :-\

        i've advanced outbound NAT and static port activated for the ports.

        states show:

        Proto    Source -> Router -> Destination    State     
        udp 192.168.0.244:3478 -> 83.233.97.165:51987 -> 130.244.125.91:3478 MULTIPLE:MULTIPLE
        udp 192.168.0.244:5060 -> 83.233.97.165:59853 -> 130.244.125.91:3478 MULTIPLE:MULTIPLE
        udp 192.168.0.244:5060 -> 83.233.97.165:5060 -> 130.244.125.91:5060 SINGLE:NO_TRAFFIC
        udp 130.244.125.91:3478 <- 192.168.0.244:3478 MULTIPLE:MULTIPLE
        udp 130.244.125.91:3478 <- 192.168.0.244:5060 MULTIPLE:MULTIPLE
        udp 130.244.125.91:5060 <- 192.168.0.244:5060 NO_TRAFFIC:SINGLE

        192.168.0.244 is my voip.

        Firewall: NAT: Outbound shows:

        Interface  Source  Source Port  Destination  Destination Port  NAT Address  NAT Port  Static Port  Description 
        WAN  192.168.0.0/24 5060 192.168.0.244/32 5060 * *
        YES
        tele2 
        [edit mapping]
        [add a new nat based on this one]
        WAN  192.168.0.0/24 5061 192.168.0.244/32 5061 * *
        YES
        tele2 
        [edit mapping]
        [add a new nat based on this one]
        WAN  192.168.0.0/24 3478 192.168.0.244/32 3478 * *
        YES
        tele2 
        [edit mapping]
        [add a new nat based on this one]
        WAN  192.168.0.0/24 3479 192.168.0.244/32 3479 * *
        YES
        tele2 
        [edit mapping]
        [add a new nat based on this one]
        WAN  192.168.0.0/24 10000 192.168.0.244/32 10000 * *
        YES
        tele2 
        [edit mapping]
        [add a new nat based on this one]
        WAN  192.168.0.0/24 10001 192.168.0.244/32 10001 * *
        YES
        tele2 
        [edit mapping]
        [add a new nat based on this one]
        WAN  192.168.0.0/24 10002 192.168.0.244/32 10002 * *
        YES
        tele2 
        [edit mapping]
        [add a new nat based on this one]
        WAN  192.168.0.0/24 10003 192.168.0.244/32 10003 * *
        YES
        tele2 
        [edit mapping]
        [add a new nat based on this one]
        WAN  192.168.0.0/24 10005 192.168.0.244/32 10005 * *
        YES
        tele2 
        [edit mapping]
        [add a new nat based on this one]
        WAN  192.168.0.0/24 10006 192.168.0.244/32 10006 * *
        YES
        tele2 
        [edit mapping]
        [add a new nat based on this one]
        WAN  192.168.0.0/24 10007 192.168.0.244/32 10007 * *
        YES
        tele2

        and i do not have any rules on "Firewall: NAT: Port Forward" for the phone,exept rules for dc++ and games
        that i play online that works exelent!!

        1 Reply Last reply Reply Quote 0
        • H
          hoba
          last edited by

          As you can see from the state table your static port doesn't work:

          @micke:

          Proto    Source -> Router -> Destination    State     
          udp 192.168.0.244:3478 -> 83.233.97.165:51987 -> 130.244.125.91:3478 MULTIPLE:MULTIPLE
          udp 192.168.0.244:5060 -> 83.233.97.165:59853 -> 130.244.125.91:3478 MULTIPLE:MULTIPLE
          udp 192.168.0.244:5060 -> 83.233.97.165:5060 -> 130.244.125.91:5060 SINGLE:NO_TRAFFIC

          Just create a single rule on top of your advanced outbound NAT rules for source IP-phone, destination any, static port. Save and apply. After that reset states at diagnostics>ststes, reset states to make the phone recreate the states with the static port.

          1 Reply Last reply Reply Quote 0
          • M
            micke
            last edited by

            thanx for fast reply ,almost there..  :o
            the phone still doesnt work but the states looks better ,heh ..

            udp  192.168.0.244:3478 -> 83.233.97.165:3478 -> 130.244.125.91:3478  MULTIPLE:MULTIPLE
            udp 192.168.0.244:5060 -> 83.233.97.165:5060 -> 130.244.125.91:5060 SINGLE:NO_TRAFFIC
            udp 192.168.0.244:3478 -> 130.244.125.130:3479 SINGLE:NO_TRAFFIC
            udp 130.244.125.91:3478 <- 192.168.0.244:3478 MULTIPLE:MULTIPLE
            udp 130.244.125.91:5060 <- 192.168.0.244:5060 NO_TRAFFIC:SINGLE
            udp 130.244.125.130:3479 <- 192.168.0.244:3478 NO_TRAFFIC:SINGLE

            anyone with tele2/sweden who can post some info? , i dont want to go back to my zyxelrouter ,due
            the autonegationproblem i have with my ISP (bb2 100mbit full duplex) ,when i only get worthless speed.  :'(

            1 Reply Last reply Reply Quote 0
            • H
              hoba
              last edited by

              Which direction does not work? incoming or outgoing?

              1 Reply Last reply Reply Quote 0
              • M
                micke
                last edited by

                outgoing works occasionally .. incoming never ..

                i read somwere that 1:1 nat could help ?!?  or upnp ??

                -i'm thinking of to get another nic and run with a raisercard a dmz or something like that,
                is that possible to get it run easier? (currently i have via-miniitx nehemiah mobo) +hp procurve switch

                1 Reply Last reply Reply Quote 0
                • H
                  hoba
                  last edited by

                  static port does something similiar to 1:1 nat (at least when it comes to the natting). Does your phone use STUN and does your provider support it? SIP providers handle things very different. Some use STUN, some use a proxy at their end that rewrites ports/IPs to the IPs that the server sees and not the info that is inside the voip packages, others don't use any of these mechanisms which can lead to serious problems behind NATs. SIP and NAT are not good friends in general.

                  1 Reply Last reply Reply Quote 0
                  • M
                    micke
                    last edited by

                    :D  ,yes..  it works now ,i dont know really how ,but i installed miniupnpd package.
                    thx for all , pfsense roxx .

                    1 Reply Last reply Reply Quote 0
                    • G
                      Gronis
                      last edited by

                      Dose this work now? I going to trye PF agin i fhink but i need to now that the tele2 voip works.

                      1 Reply Last reply Reply Quote 0
                      • M
                        micke
                        last edited by

                        yes ,tele2 works.  =D

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.