RTP / SIP Port Forwarding

  • I have been struggling with getting some SIP devices to connect to my Avaya sip server sitting behind my PfSense firewall.

    I have found a few guides on how to do this but none seem to do the trick. I can connect the calls but I have no media (no voice) on the call, I can see in the wireshark traces that the RTP data is not going to the correct IP address. However SIP traffic is connecting just fine, I seem to be stuck with the RTP data not going to where it needs to go.

    PfSense Version 2.3.2
    Avaya System Manager 6.3
    Avaya Session Manager 6.3
    Avaya Communications Manager 6.3
    9608g IP phone
    one-x Attendant IP SoftPhone
    Android One-x Communicator (from app store)

    My Avaya server is using UTP ports for RTP 2048 - 7999

    I have configured the following WAN rule.
    Interface: WAN
    Protocol: UDP
    External port range: From: 2048
    External port range: To: 7999
    NAT IP: (my internal sipserver)
    Local Port: 2048
    Description: Avaya RTP Sessions
    Checked auto create rule.

    Interface: WAN
    Protocol: UDP
    External port range: From: 5060
    External port range: To: 5060
    NAT IP: (internal sip server)
    Local Port: 5060
    Description: Avaya SIP 5060
    Checked auto create rule.

    I also installed SIPROXD with the following settings

    Inbound Interface: LAN
    Outbound Interface: WAN
    Enable RTP Proxy: Enable
    RTP Port Range (lower): 2048
    RTP Port Range (upper): 7999
    Outbound Proxy Hostname: My Public IP Address

    I have also tried with and without the NAT manual outbound rule for my voice vlan, as well as Disabling firewall PF scrubbing. None of this has worked so far.

    Any suggestions would be appreciated.