Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    What rule is needed so my soft phone can find the sip server when local

    Firewalling
    2
    3
    508
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bort900
      last edited by

      Hello. I am trying to figure out how or what rule is needed so the soft phone app on my cell can get to our SIP server when on internal network.

      In short, it works fine over WAN because the address programmed into my soft phone is indeed on of our WAN IP addresses. When i am on our local LAN though, it cannot get to the server.

      Now we have to WANs coming in on two interfaces. Our internal network uses WAN1 and our hosted services (VoIP included) uses WAN2.

      I have tried creating all kinds of firewall rules, but have been unsuccessful. I need some way to tell pfSense to route this traffic to our local server, on a different internal network. I have tried creating a route, but that didn't work either.

      Note our VoIP server is on a different INTERNAL network as well. We isolate our services network from our "normal" network with wifi and end users.

      I don't care if it goes out WAN1, to the ISP, then in through WAN2. Both WANs are fiber from the same provider so latency won't be an issue.

      Insight very much appreciated. Thank you!

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        The easiest fix is to modify your DNS so that the public name resolves to the internal IP address, aka Split DNS

        https://doc.pfsense.org/index.php/Why_can't_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks

        1 Reply Last reply Reply Quote 0
        • B
          bort900
          last edited by

          I had considered using DNS, I guess I figured making a rule with an IP would have been easier. Well thank you, I'll post back to confirm that works for me.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.