Why is it so? VOIP requires interface rule



  • I have a VOIP setup over the OpenVPN and it works, but i don't understand why I need to add at the interface level.

    NAT Port Forward
    Src Add Src Ports Dest Add Dest Ports Nat Add Nat Ports Gateway

    •          *              to    VOIPBOX   VOIP_PORTS      VOIPBOX       VOIP_PORTS        VPNGW
      

    Rules
    auto-created (in OpenVPN)
    Src Add Src Ports Dest Add Dest Ports Gateway

    •          *              to    VOIPBOX   VOIP_PORTS      VPNGW 
      

    the above doesn't work, until I add the below
    Rules
    VPN1 & VPN2
    Src Add Src Ports Dest Add Dest Ports Gateway

    •          *              to    VOIPBOX   VOIP_PORTS      VPNGW 
      

    Why do I need to add this to the VPN interfaces, instead of the OpenVPN. This is also true for allowing the pfsense to connect to the upgrade server. I have to create a rule on the VPN interfaces to allow VPN1 & 2 net to HTTPS or the packages are not available. If i create under OpenVPN it doesn't work.