Forward packets based on source port

  • My scenario is this. Our SIP trunk provider sends UDP packets on port 5060. For reasons I've yet to ascertain, they seem to hit our firewall on a random port (I've seen ports anywhere from low 3000s to nearly 60k).

    I've tried to set up a NAT rule that forwards a source port arriving on any destination to a target port, but if I understand correctly, if I have a range of destination ports, I need to have a range of target ports.

    Is there a workaround in this scenario or is the solution to figure out why the ports are being changed between the trunk provider and my WAN?

  • Port Randomization. Its a security feature and most VOIP providers work just fine with it.

    But otherwise.. You would want to make a "Static Port" for your VOIP client/devices. I doubt you need it. Who is your provider?

    You should never have to port forward for a SIP device. WAN firewall rules from your provider to the SIP device(es) will work in most cases. I.E.99%.

  • @chpalmer thanks... very helpful. Traffic seems to be going through pfSense now, it seems like there is also a firewall on the pbx itself that might be the source of my issues.

Log in to reply