Have no idea where this goes but it's DMZ related.
-
Hi… I suck at setting up DMZ, Firewall Rules and NAT.
Please help me, actually kill me now.
I've had it with pfsense and it retarded setup.
Short story
Dlink Router + Lightning = fried.
No money + old pc + router distro. = free router.
Deaf Parents + Sorenson VP200 Video Phone + pfsense = my head exploding.btw if you don't know what a videophone is here's a link...
http://www.sorensonvrs.com/apply/vp200.phpVP200 requires a DMZ or ports to be forward.
In the nat firewall I've forward ports 15328-15339 plus 1720, for incoming, The manual says to forward 1024-65535 for outbound which overlaps with the incoming ports.
When I make a outgoing call, There's no feed, the connection completes but no video feed. When I get an incoming call, the connection completes and we both have video feed.
Basically I want to setup a DMZ.
I have setup three network cards in old 866mhz machine.
N1:Wan
N2: 192.168.0.0/24
N3: 172.16.0.0/24Followed this monowall guide and have ripped my hair out because it's not working as intended.
DMZnet firewall rules ------Prot-------S-----------Port-----DEST.--------Port----Gateway Block--*--------*-------------*------LAN net--------*---------* Pass---*----DMZ net-----------*-----!LAN net-------*----------*
I don't know what else to do. What am I doing wrong?
Is there any way I could just disable the firewall only on 172.16.0.0/24 and be done with it?~Mp
-
Why not 1:1 NAT to the videobox???
-
Try disabling outbound NAT too, as the devices may be trying to use adjacent/inferred port numbers.
-
How do I do 1:1, I've attempted this before and fail because I didn't understand the documentation.
The outbound I don't fully understand how it works or how to set it up.I do anything I really need this video phone back in service asap.
-
I am also having issues with the Sorenson VP-200 and pfSense.
The issues are the same as Mad Professor described.
Port forwarding to the VP-200:
1720, 15328-15348 TCP/UDPTwo ifaces: WAN & LAN
LAN is 10.0.0.0/16 -
Have you tried 1:1 NAT??
-
1. I think it is important whether remote phone is behind firewall or not.
2. tcpdump would help definitely.