Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Allow fragmented packets (sipgate.de issue)

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 2 Posters 3.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      Der-Tim
      last edited by

      Hi there,

      I'm running pfSense on an PC Engines Alix Board, connected to the Internet actually via PPPoE (Deutsche Telekom DSL). I'm running a asterisk box behind the pfSense. I forwarded ports 5004-5040 (RTP) and 5060-5070 (SIP) to the internal IP of my asterisk box and created associated firewall rules. Everything seemed to work just fine, outgoing calls work well. But stop, inbound calls are missing the audio originating from the caller. A lot of Googl'ing figured out, that sipgate.de is sending fragmented packets (whether wanted or not, I'm not sure). I tested around, even with m0n0wall, which has an option to allow fragmented packets in it's firewall rules. While using m0n0wall, everything works out just fine. But I'd like to go on using pfSense. Is there a similar way of allowing these fragmented packets?

      pfctl -s all can be found here: http://pastebin.ca/1859479

      Any help is appreciated.

      Rgds, Tim

      1 Reply Last reply Reply Quote 0
      • N
        networkninja
        last edited by

        What about under System > Advanced > Clear DF bit instead of dropping ?

        1 Reply Last reply Reply Quote 0
        • D
          Der-Tim
          last edited by

          Thanks for your reply. I tested this, but it doesn't solve the problem. Actually I'm running on m0n0wall, as I'm in need of my PBX…

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.