Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Port Forwards not working

    Scheduled Pinned Locked Moved NAT
    6 Posts 2 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      flaknet
      last edited by

      Hi all, I have been using IpCop for years then a mate suggested pfsense which is so much better problem is I can not get port forwards to work.

      I have a asterisk box behind pfsense and need 5060 -5082 tcp/udp forwarded and 10002-10500 udp but it seams not to work i have a speed stream 4200 in full bridge mode when i use it with ipcop box asterisk works fine trunks register if i try it behind pfsense box trunks will not register.

      method used - firewall /nat /port forward
      interface -wan
      external address -interface address
      external port range 5060 - 5082
      nat ip -asterisk box
      local port 5060
      ticked auto add firewall rule

      where have i gone wrong ?

      cheers

      1 Reply Last reply Reply Quote 0
      • D
        danswartz
        last edited by

        One thing, I think you can get away with forwarding only the UDP 5060-5082, not UDP and TCP.  That said, try going to the NAT page, click on outbound, enable manual NAT, click on static port, and save your settings.  That may help.

        1 Reply Last reply Reply Quote 0
        • F
          flaknet
          last edited by

          That said, try going to the NAT page, click on outbound, enable manual NAT, click on static port, and save your settings.  That may help.

          thanks for the reply

          Ok so in manual NAT what do i have to set little confused here

          interface - wan
          source - network or any ? source port ?
          destination - network - any destination port ?
          translation- interface address or any  tick static port

          the internal address for asterisk is 192.168.100.3 will this rule send 5060 if specified in source port to 192.168.100.3 what happens to other ports like 10002 for rtp traffic

          cheers john

          1 Reply Last reply Reply Quote 0
          • D
            danswartz
            last edited by

            when you click manual and the rule magically appears, you should not need to change anything from the defaults already there except ticking the 'static port' box.

            1 Reply Last reply Reply Quote 0
            • F
              flaknet
              last edited by

              Thanks so much for your help asterisk is now working  ;D pfsense has so many more options than IPcop to get your head around, the thing i like the most is the Traffic shaper.
              do you mind explaining what manual outbound does differently to automatic ?

              cheers john

              1 Reply Last reply Reply Quote 0
              • D
                danswartz
                last edited by

                Nothing, per-se.  In automatic mode, there is an invisible rule that NAT things a certain way.  When you click manual, that rule appears explicitly and you can now tweak it.  Pfsense rewrites source port numbers in some situations and that can often cause problems.  static mode says to leave it alone.  This article on the wiki is more clear: http://doc.pfsense.org/index.php/Static_Port.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.