Netgate Discussion Forum

    Strange H323 NAT behaviour

      Edge

      Hello Folks,

      I've been using pfSense for over a year now and manage several pfSense firewalls out there.
      Now I have installed a GNUGK for firewall traversal of H323 connections through the pfSense firewall.
      So far everything works, as long as I only register one system from my LAN to my external GK (for testing purposes there is no firewall in front of the GNUGK and it has a public IP).
      But when I register 2 or more systems in the same LAN to the IP of the gatekeeper, which obviously works fine, I can't call them internally.
      When I check the registrations on the gatekeeper, I notice every system from my LAN is registered with my outgoing public NAT IP (1.2.3.4). When I do some 1:1 NAT to one system and it gets another public IP (1.2.3.5) and registers with this IP at the GNUGK, then I can call the systems internally. So I think I've got a little problem here with my NATing, because the H323 call signaling opens port 1720 but I think the way back to the other system is blocked or something. I've already added a pass in/out rule for the IP of my GNUGK to the pfSense, but this has no effect.
      Can someone point me in the right direction as to where I should look?
      I already enabled NAT Reflection (PureNAT), but even this setting has no effect.

      Thanks in advance
      Edge

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.