Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    UDP routing WAN-LAN

    Scheduled Pinned Locked Moved
    Firewalling
    udp sip
    1
    1
    402
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      hs_pfsenseuser
      last edited by

      Hi Guys,
      upgrading from 2.5.2 to 2.6.0 CE (with all public patches so far) I run into the following issue:
      I'm using an ISV router (Fritzbox) in transparent mode connected to the PFSense WAN interface and a SIP softphone APP on my computer connected to the LAN interface.
      UDP SIP-routing between router (SIP server) and computer (ports 5060 and 7078...) worked fine on 2.5.2.
      Using 2.6.0 CE UDP packets (audio 7078... ports) from LAN to WAN are blocked most of the time (not gernerally), when the initial SIP connection comes from WAN side. It works fine all the time, when the connection is initiated from LAN side. But stateless UDP does not know an initiator??

      What I've done so far:

      • FW rules for UDP routing with activated Logging say - OK (both sides)
      • Logs for FW rules to block and log all remaining traffic are empty (debug rules as last policy)
      • Global FW rule for testing which allows all traffic between PC and SIP-Server has no effect
      • TCPDump shows incoming UDP packages on LAN side and no outgoing packages on WAN side.

      Downgrading to 2.5.2 solves this issue. Is this a known bug?
      Any ideas are welcome.
      Harry

      1 Reply Last reply Reply Quote 0
      • First post
        Last post