1. Home
  2. pfSense® Software
  3. NAT
  4. Join.ME - SIP/NAT configuration

Join.ME - SIP/NAT configuration

  • L
    Banned

    Hi there, My name is Jeen

    New pfSense user and not especially familiar with firewall config and NAT.

    I have pfSense 2.4.1-RELEASE running and all is working fine with our mix of Mac and windows machines apart from Join.me - "web-based collaboration software application for screen-sharing and online meetings".

    Laptop users who want to use this can use it fine outside of our network but it wont work when they are behind the pfSense firewall. I've tried it on a couple of machines and non of them will work. They are making audio only calls apparently.

    Join.me support are not a lot of help in that they say do the following….

    You may need to check your firewall settings.

    Quote....

    The join.me internet calling service uses the SIP standard to facilitate communication between the computer and the conference service. In some environments, this may require certain ports and IP ranges to be opened in your firewall.

    The following port ranges should be allowed through your firewall:

    5060-5100 TCP Outbound (SIP Signaling ports)
    7800-32000 UDP Outbound (Voice Traffic ports)

    These ports should be opened to a specific IP address range:

    66.151.98.0/26
    189.8.82.112/28
    199.195.235.64/28
    209.197.28.0/25
    216.133.231.0/26
    117.120.4.96/28
    115.187.137.232/29
    185.167.188.0/22

    End Quote

    After some searching of the net and this forum I have taken this to mean the following...

    1. Change the outbound NAT mode to manual
    2. Add two outbound mappings at top of mappings list, 1 for upd and one for tcp as follows…

    Interface, Source, Source Port, Destination, Destination Port, NAT Address, NAT Port, Static Port
    WAN, 192.168.0.0/24, udp/*, JOINMEADDRESSES, udp/SIPUDPPorts, WAN address, , Static
    WAN, 192.168.0.0/24, tcp/    , JOINMEADDRESSES, tcp/SIPTCPPorts, WAN address, *, Static

    JOINMEADDRESSES is an alias with all the IP ranges specified by Join.me support (above).
    SIPUDPPorts and SIPTCPPorts are the port ranges specified by Join.me support (above).

    Anyway after doing that it still doesn't work.

    Can anyone help/nudge me in the right direction? I feel I'm probably missing something somewhere but lost as to where to look.

    Many thanks

    0
  • Derelict
    LAYER 8 Netgate

    You should not have to do anything special based on that description.

    All traffic for connections from LAN outbound is passed by default.

    You should probably undo everything you have done.

    0
  • KOM

    I have used join.me and GotoMeeting with pfSense and they work as is without any special config.  I've used it with both voip phones as well as my headset.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy