NAT 1:1 question
-
ps…
you may also find that you have to change the Outbound NAT to manual and select Static Port for your asterisk to work with NAT.An alternative solution is to put a public IP directly on your asterisk box and hook it up to another interface on pfSense that is bridged to your WAN. That way there is no NAT involved (which Asterisk prefers) and the bridged interface still goes through the firewall filter so you can still block traffic.
I have sites with both methods used for asterisk and both work!
G
-
Hi gob!
Thanks again for helping me.
So First , you want me to add individually the Public IPs as Virtual IPs as Proxy ARP or as Other?
Second, add them again in the NAT 1:1 under the firewall tab.
Third, create a LAN or WAN firewall rule manually that will allow the source IP to the destination IP correct?Regarding your other alternative, We have 3 asterisk servers here in the office so should I add 3 more NIC to our pfsense box ang connect them directly to the new NIC and bridge them all to the WAN interface?
Thanks again gob. Sorry if i'm such a hassle ;D
-
No Hassle at all.
yes, correct regarding the NATing.
OR
Add one bridged interface to pfSense. Plug that into a switch and plug you 3x Asterisk into that switch.
Set the public IPs straight on the Asterisk boxes and configure their gateway to the IP of your Modem/Router.G.
-
Can I just bridge the current LAN inteface since it's already connected to a switch that is connected to the 3x Asterisk and all other switch in our network? Thanks Gob!
-
Gob,
I'm trying to add the rules right now and i'm a bit confused.
I'm currently in Firewall | Rules |Wan
Should I type in the Public IPs in the source field and the internal IP address at the destination field? Thanks!
-
if all you have on your lan are devices with public IPs then you could bridge yout lan. however if you also have regular computers that need NAT then it wont work. you'll need a separate interface from your lan.
i will have to check the rules on one of my pfsense boxes when i get to the office later. -
for 1:1 NAT rules, the source on the wan tab is 'Any' if you want it open to the whole internet, whilst the destination is the internal IP.
if using the bridged interface option, the destination is the public IP on the asterisk.
-
okay Gob! Will try to do that and give you a feedback.
ps
Where can I find the port that asterisk uses again? astGui.conf?
Thanks!
-
asterisk uses lots of ports depending on how it is confgured and what kind of trunks you are using.
I use the Trixbox distro of Asterisk so can't really comment on your setup.
That's one for the asterisk foorums I'm afraid. -
We're using vicidial.
i'll try to check with their forum. Thanks man!