Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Have no idea where this goes but it's DMZ related.

    Scheduled Pinned Locked Moved General pfSense Questions
    7 Posts 5 Posters 3.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Mad Professor
      last edited by

      Hi… I suck at setting up DMZ, Firewall Rules and NAT.

      Please help me, actually kill me now.

      I've had it with pfsense and it retarded setup.

      Short story
      Dlink Router + Lightning = fried.
      No money + old pc + router distro. = free router.
      Deaf Parents + Sorenson VP200 Video Phone + pfsense = my head exploding.

      btw if you don't know what a videophone is here's a link...
      http://www.sorensonvrs.com/apply/vp200.php

      VP200 requires a DMZ or ports to be forward.

      In the nat firewall I've forward ports 15328-15339 plus 1720, for incoming, The manual says to forward 1024-65535 for outbound which overlaps with the incoming ports.

      When I make a outgoing call, There's no feed, the connection completes but no video feed. When I get an incoming call, the connection completes and we both have video feed.

      Basically I want to setup a DMZ.

      I have setup three network cards in old 866mhz machine.

      N1:Wan
      N2: 192.168.0.0/24
      N3: 172.16.0.0/24

      Followed this monowall guide and have ripped my hair out because it's not working as intended.

      
DMZnet firewall rules
------Prot-------S-----------Port-----DEST.--------Port----Gateway
Block--*--------*-------------*------LAN net--------*---------* 
Pass---*----DMZ net-----------*-----!LAN net-------*----------*

      I don't know what else to do. What am I doing wrong?
      Is there any way I could just disable the firewall only on 172.16.0.0/24 and be done with it?

      ~Mp

      1 Reply Last reply Reply Quote 0
      • S
        Supermule Banned
        last edited by

        Why not 1:1 NAT to the videobox???

        1 Reply Last reply Reply Quote 0
        • B
          Bern
          last edited by

          Try disabling outbound NAT too, as the devices may be trying to use adjacent/inferred port numbers.

          1 Reply Last reply Reply Quote 0
          • M
            Mad Professor
            last edited by

            How do I do 1:1, I've attempted this before and fail because I didn't understand the documentation.
            The outbound I don't fully understand how it works or how to set it up.

            I do anything I really need this video phone back in service asap.

            1 Reply Last reply Reply Quote 0
            • D
              dustinlw1987
              last edited by

              I am also having issues with the Sorenson VP-200 and pfSense.

              The issues are the same as Mad Professor described.

              Port forwarding to the VP-200:
              1720, 15328-15348 TCP/UDP

              Two ifaces: WAN & LAN
              LAN is 10.0.0.0/16

              1 Reply Last reply Reply Quote 0
              • S
                Supermule Banned
                last edited by

                Have you tried 1:1 NAT??

                1 Reply Last reply Reply Quote 0
                • E
                  Eugene
                  last edited by

                  1. I think it is important whether remote phone is behind firewall or not.
                  2. tcpdump would help definitely.

                  http://ru.doc.pfsense.org

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.