Inbound Firewall Rules Multiple WANS



  • Hi, not sure if anyone can help. I have a setup with three WANs, each using PPPoE, all working fine. One question: for inbound firewall rules created in NAT using, say, WAN2 or WAN3, once the NAT rule is created, should you then proceed to edit the WAN2 or WAN3 firewall rule and change the gateway to the correct WAN interface?

    The reason I ask is my Asterisk VoIP server is using WAN3 and I have been experiencing random issues with the SIP and RTP ports getting blocked even though the rules are allowed.

    Changing the gateway for the inbound rules appears to have rectified this issue; it is early days to prove this is the main cause.



  • No, never set a gateway on WAN rules, that will break things if it's ever actually hit. It'll force that traffic to be routed to that gateway, not to the desired target host.



  • Many thanks for the reply. The problem I am having is that the firewall doesn't seem to be passing SIP traffic on 5060 UDP. 95% of the time it works fine, then suddenly it fails. In the logs below is an example of the failed log.

    Apr 18 07:56:34 WAN3_VOIP 193.203.210.39:5060 87.127.34.36:24724 UDP

    I have an inbound NAT rule which allows all 5060 UDP -> 192.168.9.1 (VoIP Server)

    I also have outbound NAT with static port

    Any advice would be great.



  • Resolved this by disabling inbound port forwarding for port 5060, and it works fine now.

