Firewall blocking allowed RTP packets

totalimpact

pf 1.2.3 nanobsd on an alix.

We have an asterisk pbx on the lan, and 3 SIP providers.

2 providers work fine, but the 3rd is giving us 1 way audio.

I am passing udp 5060 and 10,000-20,000 through NAT to my pbx using the routers wan IP, and I am logging the RTP rule in the firewall.

When I check the firewall system logs it shows the RTP traffic being passed, but if I run a TCPdump on my pbx, there is never an rtp packet received (no iptables).

Spent all day with support at the ITSP, and they have sworn its on my end, and I have come to the conclusion that it is the firewall.

I plugged in a buffalo router and put the pbx in DMZ - all issues resolved, I factory defaulted the pfsense install and started with only sip ports in the NAT, but the 1 way audio is still there. The proper NAT settings are in my sip.conf, and this system was previously working, so I am not sure what is going on.

Not that it means much (anyone can screw up), but i have deployed 50-60 asterisk pbx's, and several pfsense firewalls as well. Any ideas?

Perry

http://doc.pfsense.org/index.php?title=Special%3ASearch&search=voip&go=

As you also have a working solution a tcpdump on pfsense from both, your can compare, could help.

totalimpact

Thanks Perry, that got me in the right direction.

Doing Manual Outbound NAT did the trick - although I cannot figure out why 2 providers worked fine, and one didnt.