Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Port Forwarding being overridden by second server

    NAT
    1
    1
    1038
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      briankelly63 last edited by

      Let me start with a short description. Perhaps someone familiar with the inner workings might understand whats going on.

      pfSense is up to date…

      asterisk voip server #1 on Lan 192.168.0.185. Nat Port forwarding, Rules and Static outgoing all set up for port 5060 no RTP mapping needed.
      this works without issue.

      Server #2 192.168.0.221 is a sandbox system configured only to make outgoing calls. My provider use IP Auth so no registration is required. If a call is sent to them with the proper credentials it will be processed. There are no port forwards to this server. There is an outgoing NAT outbound rule set up for a static port so that RTP audio works properly.

      Sometimes both systems seem to be able to coexist but at other times here's what seems to be happening. If a call is placed through server #2 to the provider pfSense is dynamically doing what a router is supposed to do in terms of passing the port 5060 requests and setting up the RTP ports. Problem is that dynamic mapping creates an entry in the States table that effectively maps incoming traffic from the provider to Server #2. That effectively disables the existing port forwarding for server #!1. Future incoming call attempts meant for server #1 instead go to Server #2.

      So my questions comes down to the relationship between defined port forwards vs. those done on the fly by the firewall. Is there a way to control who wins if that is in fact the issue? Maybe it's something else....

      1 Reply Last reply Reply Quote 0
      • First post
        Last post