Allow fragmented packets (sipgate.de issue)



  • Hi there,

    I'm running pfSense on an PC Engines Alix Board, connected to the Internet actually via PPPoE (Deutsche Telekom DSL). I'm running a asterisk box behind the pfSense. I forwarded ports 5004-5040 (RTP) and 5060-5070 (SIP) to the internal IP of my asterisk box and created associated firewall rules. Everything seemed to work just fine, outgoing calls work well. But stop, inbound calls are missing the audio originating from the caller. A lot of Googl'ing figured out, that sipgate.de is sending fragmented packets (whether wanted or not, I'm not sure). I tested around, even with m0n0wall, which has an option to allow fragmented packets in it's firewall rules. While using m0n0wall, everything works out just fine. But I'd like to go on using pfSense. Is there a similar way of allowing these fragmented packets?

    pfctl -s all can be found here: http://pastebin.ca/1859479

    Any help is appreciated.

    Rgds, Tim



  • What about under System > Advanced > Clear DF bit instead of dropping ?



  • Thanks for your reply. I tested this, but it doesn't solve the problem. Actually I'm running on m0n0wall, as I'm in need of my PBX…


Log in to reply