Cannot pass through UDP port 5060
-
I've got a really strange problem. I've just installed pfSense and have ports 80, 143, 25, etc all forwarded and working happily. We have a PBX that needs to communicate with a remote SIP trunk via UDP 5060, in both directions. All outgoing traffic is allowed. We created a NAT rule to pass all incoming UDP 5060 traffic to 10.0.1.101 : 5060. We also have a firewall rule to permit all traffic to 10.0.1.101.
The problem is that we're not seeing any of that traffic, although pfSense logs it as passing. We installed a packet sniffer on the network, and there are no such incoming UDP packets arriving at 10.0.1.101.
The strange thing is, we changed the rule to pass all such traffic to 5070 instead. Then, we see all of the traffic. If we change the NAT entry to switch back to 5060, then we do not see any more traffic. Perhaps stranger, we can pass this traffic to a different host on port 5060 and we see the traffic. It's only the PBX (10.0.1.101) on port 5060 where it is not making it out of pfSense.
Any ideas? I feel like I've hit a brick wall here!
thanks
Collin -
Search the forum for "static port". We'll add a static port for port 5060 behind the scenes with the latest snapshots if no advanced outbound nat is enabled btw (just was implemented yesterday).
-
Thanks for the reply hoba. I searched for "static port" but couldn't find what I think I am looking for. Could you please expand a little on that?
-
http://forum.pfsense.org/index.php/topic,3147.msg18970.html#msg18970
-
Thanks hoba. That did the trick. I don't fully understand the solution, but it's working now.
-
Good to hear :D