Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Need assistance setting up PAP2 (voip) on the DMZ [FIXED]

    Scheduled Pinned Locked Moved Firewalling
    1 Posts 1 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C Offline
      ck42
      last edited by

      I have a ViaTalk voip adapter and want to configure it to be setup on the DMZ.

      I have a functioning system and have added the DMZ interface.
      I've setup the DMZ on a separate subnet (internal LAN is on 192.168.0.0/24 and DMZ is on 192.168.1.0/24)
      Under the DMZ rules, I've added:

      1. Rule to allow the DMZ outbound access using any protocol and to any address (Source: DMZ net - everything else is ANY)
      2. Rule to allow inbound UDP ports 5060, 10K-20K destined to the static IP address of the voip adapter (Source/Port ANY, Destination: IP address of voip adapter, Port set for 5060 and 10K-20K)

      I've also setup in NAT 2 entries for port forwarding.  These are for the two port ranges mentioned in #2 above.
      They're configured as such:

      Interface: WAN
      Protocol: UDP
      External port range: As mentioned in #2
      NAT IP: IP address of the voip adapter
      Local Port: Again, same port number or range mentioned in #2

      In the NAT section, under the outbound tab, there is an entry for:

      Interface: WAN
      Source: the DMZ's network range
      Destination: Any
      Translation: N/A

      So, as far as I can tell, this should be working.
      Just to be sure though, I placed the voip adapter on the LAN subnet and got it to successfully connect.
      But, when it's configured and running on the DMZ, it won't connect.

      What am I missing?  ???

      [EDIT] Looks like I need to set a static port in the NAT 'Outbound' section.
      I simply took the entry that was already there and set the 'Static Port' option to YES.  Then changed the radio button to the 'Advanced Outbound NAT' option.  Looking at the GUI of the adapter, it's still not connecting.

      [EDIT2]
      Never mind.  Got it working.  I had previously, temporarily while testing, disabled the rule that allowed the DMZ outbound to anything….before I discovered the Static Port config that I was missing.  Once I re-enabled that DMZ outbound rule, it looks like the Static Port setup was able to properly take effect.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.