Is pfSense a SBC, or is there a package for SBC?

stephenw10

Urgh.

Good luck. Open threads for failover WAN or VPNs or whatever you need.

Steve

totalimpact

I know its been a few months.... but thought I would chime in since someone told me I "need an sbc to do voip" - that may have been true 20 years ago, today we are blessed with a firewall that can do it right-

Create Firewall>Alias to your trunk IPs - if your trunk provider has 1 IP get a better provider. Also make alias for your PBX ip.
Go to Firewall>NAT Forward UDP 5060 to the PBX alias, restricting the source from the Trunk alias (this should keep you fairly secure)
For RTP (audio) Forward 10,000-20,000 udp to the PBX, many trunk providers may not send RTP from the same IP as the signaling, in fact they may have dozens of audio media gateways, so it may not be possible to limit source traffic there.
Then in Freepbx, (depending on your version) go to Advanced SIP Settings (may need to install this module), and make sure your local LAN subnet and public IP are entered there. Or if you have a newer version, I think its v14+, you will have to decide between Chan_SIP, or PJ_SIP driver, and adjust the advanced settings there-
https://community.freepbx.org/t/additional-sip-settings-under-freepbx-14/52782/6

If the above doesnt get you working, your provider sending TCP instead of UDP? Or you need to fix outbound NAT:

In Pf go to Firewall>NAT>Outbound, set it to Hybrid, and add a rule:
Interface: WAN
Protocol: UDP
Source: PBX alias
Dest: Any
Port or Range: Static Port checked

Flush the firewall state table, and that will probably cover everything.

NollipfSense

I used these two references to create no problems for my FreePBX ...

https://www.youtube.com/watch?v=QFk5jX-oeSo

https://docs.netgate.com/pfsense/en/latest/nat/configuring-nat-for-a-voip-pbx.html
The only difference I made from the above is I used a WAN floating rule.