Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SIP / NAT - Stopped working after update (1.2.3 -> 2.0.1)

    Scheduled Pinned Locked Moved NAT
    12 Posts 9 Posters 8.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N8LBVN
      N8LBV
      last edited by

      Also PLEASE let us know when/if you get it working (report back) I'm having a possibly related problem and have read many posts
      Where they just die and never come back & tell us if they got it working or not.

      I feel more like I do now.

      1 Reply Last reply Reply Quote 0
      • B
        Bpedersen
        last edited by

        Drop the port forward and firewall rules, you dont need them.

        You only need the manual outbound nat with the static source port option.

        1 Reply Last reply Reply Quote 0
        • P
          phazethree
          last edited by

          This works fine for me on the phone side. But as soon as I enable Manual NAT and Static port, it breaks squid proxying for other subnets..
          Any suggestions?

          1 Reply Last reply Reply Quote 0
          • B
            blakestar
            last edited by

            Hi, I am dealing with the exact same issue. Updated from 1.2.3 to 2.0.1. Asterisk sitting behind Pfsense. Can call out no problem but cannot receive inbound calls now. Wondering if someone has any resolution advice?

            Have nearly the same config as the original poster only 192.168 internal addresses.

            Bpedersen, when you say "Drop the Port Forward & Rules" what exactly do you mean by this?

            Much appreciated, any advice!!

            1 Reply Last reply Reply Quote 0
            • D
              djau
              last edited by

              Hi

              I have always the problem with 2.0.1.
              Incoming SIP calls don't work => SIP 404

              SIP Request on pfsense :
              xx.xx.xx.xx:5060 xx.xx.xx.xx:54453

              Now i have open 54453, and works but not fine one call /4 .
              pfsense will not change this port after x call?

              Do you have other issue ?

              Regards

              1 Reply Last reply Reply Quote 0
              • I
                itsJim
                last edited by

                I had issues until I created an Outbound NAT rule like the following:

                WAN  192.168.6.0/24 udp/5060 * udp/5060 * * YES VoIP

                1 Reply Last reply Reply Quote 0
                • C
                  cmb
                  last edited by

                  @itsJim:

                  I had issues until I created an Outbound NAT rule like the following:

                  WAN  192.168.6.0/24 udp/5060 * udp/5060 * * YES VoIP

                  This is precisely what you need to do if you need to retain 1.2.3's default behavior of not rewriting the source port on SIP. Most of the time it doesn't matter, where it does, that will take you back to 1.2.3's behavior.

                  Unfortunately with VoIP there isn't a "one config suits all", 1.2.3's default caused problems more than it helped, but changing defaults going forward from 1.2.3 to 2.x is going to bite a very small percentage of users. Just need the above manual outbound NAT to fix for those who have an issue.

                  1 Reply Last reply Reply Quote 0
                  • D
                    dwood
                    last edited by

                    Just realized our inbound VOIP calls don't work.  We typically route outbound calls via VOIP, and direct inbound to a non-voip line…so just realized we had the inbound call issue.

                    From what I can tell, to use this manual outbound NAT rule, you must therefore disable automatic outbound NAT.

                    What are the implications of doing this?  We're running SQUID3, snort, and several LAN subnets through two WAN connections.

                    1 Reply Last reply Reply Quote 0
                    • I
                      itsJim
                      last edited by

                      You don't have to disable it

                      1 Reply Last reply Reply Quote 0
                      • D
                        dwood
                        last edited by

                        For what it's worth, I have inbound SIP calls working now, but with a new VOIP provider, in this case Babytel.ca  Using manual outbound NAT did not work as it broke Squid web access.

                        For google search purposes, we're using a Talkswitch VOIP enabled PBX behind PFSENSE, and Babytel is configured on the unit to handle long distance calls (auto call routing).  Once I made the switch to this provider, everything works.  Automatic NAT is enabled, however port forwards for SIP signalling and audio are set up on PFSENSE 2.0.1

                        Inbound calls (via VOIP), remote extensions etc. all work properly now.  Previous provider was iristel.ca , and the switch to babytel.ca, solved the previous issues of SIP invites not being recieved through the router due to NATing I suspect of the packets.  For what it's worth, babytel's online account configuration as well as iphone app (softphone) all performed flawlessly in testing.  Quite impressed with their feature set/pricing etc.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.