PFsense w/ Elastix PBX



  • Hello Forums!

    Having some serious issues getting Elastix 2.5 PBX to work behind a PFsense.

    Here is the scenario:

    PFsense Router
    Elastix 2.5 behind router on static LAN IP

    Have created NAT inbound rules to allow VOIP (NexVortex) IPs access via port 5060.
    Also, created NAT inbound rule to allow RTP.

    Have created a NAT outbound rule to allow RTP out using Static NAT.

    All firewall rules were created automatically.

    As it stands now, call can be made Externally to Internally (Cell to PBX number) connection and media tunnel all work fine.

    The problem is, the phones (Cisco SPA525G) cannot call to any of our Intra-company Trunks / routes or to any external lines (cell or other).

    The Intra-company Trunks can call into the Elastix behind the PFsense. Then, there is the ability to call back for several minutes.

    This whole situation has been fairly infuriating and my colleagues and I have tried multiple PFsense documents and other forum posts / recommendations.

    The NAT Outbound RTP rule is as follows:

    interface: WAN    source: udp/any()      Destination: any()    Destination port: udp/any()    NAT address: Interface    NAT Port: any()  STATIC IS CHECKED

    The Port Forward Rule for RTP is as follows:

    interface: WAN    PROTOCOL: UDP      Source Ports: any(*)    Destination Add.: WAN    NAT IP: PBX Static    NAT Port: RTP Range 10000-20000

    We have, as stated, port forwarding from NexVortex IPs (3 of them) to Destination WAN (OUR WAN) port 5060 | NAT IP: PBX Static port 5060.

    The Intra-company trunks are accessed over an MPLS (not sure if that can cause issues).

    As stated, Firewall rules were generated automatically.

    The PBX has a configuration with:

    External IP: our WAN
    Local address: 192.168.0.0 / 255.255.0.0
    nat=yes
    qualify=yes

    and the correct allows and disallow=all also the correct sdp/useragent

    If anyone has ANY solutions, help, advice, please comment. If you need any further information, I can provide (to a certain extent).

    Thank you all for the help in advance.



  • Just my 2 cents and not new solution for you.
    I recently configured my PBX with pfSense and I have no issues so far.
    I only set NAT outbound rules as static, no need to set any port forwarding. Once PBX got registration, the state is well shown and kept alive. Outbound and inbound calls work fine.