FreePBX & pfsense
-
FreePBX has been running fine for years. It has a dynamic IP (Fios), but it only changes every six months or so. DDNS is set up and working.
I have had many routers over the years, and they have always been easy to set up. Forward a few ports, and you're good to go.
Now we had to switch to pfSense (Netgate 2100).
No matter what I tried, I could not get it working.
Set up NAT - Port Forward for all relevant ports
Auto setup routes for all these ports
Switched to Hybrid Outbound NAT rule generation. (Automatic Outbound NAT + rules below)
played around with outgoing NAT set to static.
Connections still fail. Despite forwarding and rules, port 80 (for Let’s Encrypt) is not available from the outside. Internally, everything works.
I have set up port forwarding for other machines, such as RDP, and they work without any problems.
So ANY tips?
-
It sounds like you're running FreePBX on premises, "behind" pfSense? Do you have a dedicated IP address with 1-to-1 NAT for FreePBX? What is your version of FreePBX? What connections are failing...anything besides TCP/80? Are you using your own domain for DDNS or some generic DDNS provider domain? You may have better luck switching to a DNS (TXT) challenge for Let's Encrypt. Consider acme.sh.
Are you using VoIP.ms, Flowroute, or some other service provider for SIP trunking (origination/termination)? Are you using SIP registration, no registration...?
Sharing your configuration XML might be helpful for others who would like to try to help you.
Reasonably anonymize the config file, before sharing.
-
@STEPHANK Freepbx runs fine behind pfsense in various setups and is rather straight forward to configure
In general not much is needed and in most cases not even any port forwards too.Do describe your configuration and setup.