Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Join.ME - SIP/NAT configuration

    NAT
    3
    3
    523
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      liver007 Banned
      last edited by stephenw10

      Hi there, My name is Jeen

      New pfSense user and not especially familiar with firewall config and NAT.

      I have pfSense 2.4.1-RELEASE running and all is working fine with our mix of Mac and windows machines apart from Join.me - "web-based collaboration software application for screen-sharing and online meetings".

      Laptop users who want to use this can use it fine outside of our network but it wont work when they are behind the pfSense firewall. I've tried it on a couple of machines and non of them will work. They are making audio only calls apparently.

      Join.me support are not a lot of help in that they say do the following….

      You may need to check your firewall settings.

      Quote....

      The join.me internet calling service uses the SIP standard to facilitate communication between the computer and the conference service. In some environments, this may require certain ports and IP ranges to be opened in your firewall.

      The following port ranges should be allowed through your firewall:

      5060-5100 TCP Outbound (SIP Signaling ports)
      7800-32000 UDP Outbound (Voice Traffic ports)

      These ports should be opened to a specific IP address range:

      66.151.98.0/26
      189.8.82.112/28
      199.195.235.64/28
      209.197.28.0/25
      216.133.231.0/26
      117.120.4.96/28
      115.187.137.232/29
      185.167.188.0/22

      End Quote

      After some searching of the net and this forum I have taken this to mean the following...

      1. Change the outbound NAT mode to manual
      2. Add two outbound mappings at top of mappings list, 1 for upd and one for tcp as follows…

      Interface, Source, Source Port, Destination, Destination Port, NAT Address, NAT Port, Static Port
      WAN, 192.168.0.0/24, udp/*, JOINMEADDRESSES, udp/SIPUDPPorts, WAN address, , Static
      WAN, 192.168.0.0/24, tcp/      , JOINMEADDRESSES, tcp/SIPTCPPorts, WAN address, *, Static

      JOINMEADDRESSES is an alias with all the IP ranges specified by Join.me support (above).
      SIPUDPPorts and SIPTCPPorts are the port ranges specified by Join.me support (above).

      Anyway after doing that it still doesn't work.

      Can anyone help/nudge me in the right direction? I feel I'm probably missing something somewhere but lost as to where to look.

      Many thanks

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        You should not have to do anything special based on that description.

        All traffic for connections from LAN outbound is passed by default.

        You should probably undo everything you have done.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • KOMK
          KOM
          last edited by

          I have used join.me and GotoMeeting with pfSense and they work as is without any special config.  I've used it with both voip phones as well as my headset.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.