Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PFsense w/ Elastix PBX

    Scheduled Pinned Locked Moved NAT
    2 Posts 2 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Mackling101
      last edited by

      Hello Forums!

      Having some serious issues getting Elastix 2.5 PBX to work behind a PFsense.

      Here is the scenario:

      PFsense Router
      Elastix 2.5 behind router on static LAN IP

      Have created NAT inbound rules to allow VOIP (NexVortex) IPs access via port 5060.
      Also, created NAT inbound rule to allow RTP.

      Have created a NAT outbound rule to allow RTP out using Static NAT.

      All firewall rules were created automatically.

      As it stands now, call can be made Externally to Internally (Cell to PBX number) connection and media tunnel all work fine.

      The problem is, the phones (Cisco SPA525G) cannot call to any of our Intra-company Trunks / routes or to any external lines (cell or other).

      The Intra-company Trunks can call into the Elastix behind the PFsense. Then, there is the ability to call back for several minutes.

      This whole situation has been fairly infuriating and my colleagues and I have tried multiple PFsense documents and other forum posts / recommendations.

      The NAT Outbound RTP rule is as follows:

      interface: WAN    source: udp/any()      Destination: any()    Destination port: udp/any()    NAT address: Interface    NAT Port: any()  STATIC IS CHECKED

      The Port Forward Rule for RTP is as follows:

      interface: WAN    PROTOCOL: UDP      Source Ports: any(*)    Destination Add.: WAN    NAT IP: PBX Static    NAT Port: RTP Range 10000-20000

      We have, as stated, port forwarding from NexVortex IPs (3 of them) to Destination WAN (OUR WAN) port 5060 | NAT IP: PBX Static port 5060.

      The Intra-company trunks are accessed over an MPLS (not sure if that can cause issues).

      As stated, Firewall rules were generated automatically.

      The PBX has a configuration with:

      External IP: our WAN
      Local address: 192.168.0.0 / 255.255.0.0
      nat=yes
      qualify=yes

      and the correct allows and disallow=all also the correct sdp/useragent

      If anyone has ANY solutions, help, advice, please comment. If you need any further information, I can provide (to a certain extent).

      Thank you all for the help in advance.

      1 Reply Last reply Reply Quote 0
      • W
        Wolf666
        last edited by

        Just my 2 cents and not new solution for you.
        I recently configured my PBX with pfSense and I have no issues so far.
        I only set NAT outbound rules as static, no need to set any port forwarding. Once PBX got registration, the state is well shown and kept alive. Outbound and inbound calls work fine.

        Modem Draytek Vigor 130
        pfSense 2.4 Supermicro A1SRi-2558 - 8GB ECC RAM - Intel S3500 SSD 80GB - M350 Case
        Switch Cisco SG350-10
        AP Netgear R7000 (Stock FW)
        HTPC Intel NUC5i3RYH
        NAS Synology DS1515+
        NAS Synology DS213+

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.