Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SIP Packets are not hitting the firewall from the outside

    Scheduled Pinned Locked Moved NAT
    4 Posts 2 Posters 332 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mr-elamin2
      last edited by

      Hi,

      I spent two days trying to find out why SIP Packet from the UDP port 5060 not hitting my Firewall at all!
      I have some other custom TCP Ports open for other servers and all are working fine, except the SIP Port.
      I am hosting a PBX Server and I can make phone calls on the LAN Network, but I can't see any packet hitting the WAN port coming from SIP Phone clients that try to connect to my PBX Server on port 5060.
      I have implemented this NATing scenario from the documentation:
      https://docs.netgate.com/pfsense/en/latest/recipes/nat-voip-pbx.html

      Does anyone have an idea, where the problem could be?

      the first two screenshots are from nmaping and Wireshark from a SIP client on the WAN.
      and the third screenshot shows my Pfsense receiving no Packets.

      Thank you very much.

      cfda6cf1-0b59-4ad4-94a1-cef9fbd08274-image.png
      4a74ceac-f879-4b37-9aa7-804af27e510a-image.png
      59241c25-78b3-4d9a-a70f-bd49579c0048-image.png

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS Galactic Empire @mr-elamin2
        last edited by

        @mr-elamin2 if they aren’t getting to WAN it’s outside pfSense. Is there an ISP router and is it forwarding? Does the ISP block some inbound ports (not unheard of on a residential connection).

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        M 2 Replies Last reply Reply Quote 1
        • M
          mr-elamin2 @SteveITS
          last edited by

          Hi @SteveITS
          Thank you for the quick replay!
          your point of view is very good.

          I think my internet router is using port 5060 for itself,
          I have just found this article about the internet router that I use.
          https://www.kh2004.de/tipps/port-5060-laesst-sich-nicht-weiterleiten/

          I will continue to do my research and update the post........

          1 Reply Last reply Reply Quote 0
          • M
            mr-elamin2 @SteveITS
            last edited by

            @SteveITS
            after disabling the landline phone from my Internet router, the packet started to come :)
            Thank you very much for the hint :)

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.