SOLVED - No SIP Audio - Transparent Bridge w/ Public IPs

  • Greetings,

    I have no audio between callers during a SIP session.  The calls do initiate, but there is no media.  All respective ports 9,000-10,000 and 16348-32767 are opened on my WAN side.  I am currently allowing all traffic from the LAN side.  Before anyone suggests the static-port fix, I have attempted it.  Static ports and Manual Outbound NAT is selected.  This does not fix my issue. Here is my setup:

    isp public ***.49 > pfSense WAN ***.50 <-bridged-> pfsense LAN ***.51 > HP Switch > VoIP Switch ***.58

    All IPs are public and in the same subnet.  The SIP client does register and wireshark traces show that the call does build.  The gateways of all hosts are pointing to .49, so the pfSense box should be transparent.  The WAN and LAN are bridged.  All of my ports are set on the WAN side.  It's driving me nuts, what on earth am I missing?

    Thanks in advance for any help,


  • I am a newbie, but sense you are using public IP's I dont think you should be using NAT at all. In AON you shouldnt have anything defined as you are using all Public IP's. Right?

  • cconk01 you are definitely correct.  My thought was that NAT should be turned off for my transparent bridge to truly be transparent.  It now is.  I thought that simply changing the NAT rule to Manual would fix the issue.  Very wrong.  The rule that gets auto-generated on the bottom of the Firewall:NAT:Outbound page needs to be deleted.  I went digging in the forums for a transparent bridge setup with public IPs to find that little gem.  My main problem was that I was focused on the issue being SIP related and had read every post I could regarding SIP.  The problem was with NAT and my setup.

    Thank you cconk01 for nudging me in the right direction.  For anyone else using pfSense as a transparent bridge with a public network here's are the quick steps I took:

    1.) Bridge your WAN and LAN
    2.) Turn on Manual Outbound NAT rule generation (Advanced Outbound NAT (AON)) in Firewall:NAT:Outbound
    3.) Delete the rule that is auto-generated at the bottom of the Firewall:NAT:Outbound page

  • Im glad I could help. To be honest, I'm new to pfsense and I have been trying to read up on as many post as I can, which goes along way. Cheers to pfsense.

  • Ok - so I have a very similar problem to this but after applying your fix I still have no joy. My VoIP system is Microsoft OCS R2 and I can't get audio between an external client on the Internet and an internal client. PFSense should now be completely transparent but still I get no audio.

Log in to reply