Port Forwards not working
-
Hi all, I have been using IpCop for years then a mate suggested pfsense which is so much better problem is I can not get port forwards to work.
I have a asterisk box behind pfsense and need 5060 -5082 tcp/udp forwarded and 10002-10500 udp but it seams not to work i have a speed stream 4200 in full bridge mode when i use it with ipcop box asterisk works fine trunks register if i try it behind pfsense box trunks will not register.
method used - firewall /nat /port forward
interface -wan
external address -interface address
external port range 5060 - 5082
nat ip -asterisk box
local port 5060
ticked auto add firewall rulewhere have i gone wrong ?
cheers
-
One thing, I think you can get away with forwarding only the UDP 5060-5082, not UDP and TCP. That said, try going to the NAT page, click on outbound, enable manual NAT, click on static port, and save your settings. That may help.
-
That said, try going to the NAT page, click on outbound, enable manual NAT, click on static port, and save your settings. That may help.
thanks for the reply
Ok so in manual NAT what do i have to set little confused here
interface - wan
source - network or any ? source port ?
destination - network - any destination port ?
translation- interface address or any tick static portthe internal address for asterisk is 192.168.100.3 will this rule send 5060 if specified in source port to 192.168.100.3 what happens to other ports like 10002 for rtp traffic
cheers john
-
when you click manual and the rule magically appears, you should not need to change anything from the defaults already there except ticking the 'static port' box.
-
Thanks so much for your help asterisk is now working ;D pfsense has so many more options than IPcop to get your head around, the thing i like the most is the Traffic shaper.
do you mind explaining what manual outbound does differently to automatic ?cheers john
-
Nothing, per-se. In automatic mode, there is an invisible rule that NAT things a certain way. When you click manual, that rule appears explicitly and you can now tweak it. Pfsense rewrites source port numbers in some situations and that can often cause problems. static mode says to leave it alone. This article on the wiki is more clear: http://doc.pfsense.org/index.php/Static_Port.