Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfSense is blocking outbound Trixbox (SIP) ports

    Scheduled Pinned Locked Moved
    Firewalling
    3
    3
    3.9k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Jakobud
      last edited by

      Setting up a Trixbox (http://fonality.com/trixbox/) (like Asterisk or FreePBX) for VoIP on our network today.  During the setup there is a diagnostic test that tests your outbound ports.  It requires the following outbound ports on the network to be open

      UDP 5060
      UDP 10278
      UDP 15335
      UDP 4569
      TCP 6600
      TCP 5222

      The diagnostic is saying that all ports are blocked.

      Looking in pfSense at the Firewall > Rules > LAN section, it is wide open.  No restrictions:

      
Proto	Source	Port            Destination	Port	Gateway	Schedule	Description	

*                      LAN net	 *	                *	*	        *	  	 LAN > Anywhere

      That's the only rule.  That means everything is wide open right?  To my understanding that means there is nothing blocking any outbound ports.

      Also on the trixbox itself the firewall is completely disabled.

      Any idea where I should be looking to diagnose this?

      1 Reply Last reply Reply Quote 0
      • M
        Metu69salemi
        last edited by

        Everything is wide open from inside to outside. there reads "LAN net" as an source.
        You might want to add alias for those ports
        and then create wan rule which allows:

        proto: tcp/udp
        Source port: *
        Source: *
        Destination port: your alias
        Destination: LAN NET (or more preferably: voip alias)

        1 Reply Last reply Reply Quote 0
        • M
          mlanner
          last edited by

          Jakobud,

          I think you need to create a Manual Outbound NAT (AON) rule for the trixbox to work properly. Just set it to AON and create a rule for the IP address of your trixbox and set port to static "YES" and it should work. At least it has worked fine for me several times.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post