Asterisk IAX2 inbound traffic (SOLVED)



  • I recently started to use pfsense and I have replaced my home router with it and figured out the port forwards for my asterisk 1.8 box so far so good . sip with the rtp ports for voice traffic is no problem. calls come in and I can make calls out.

    my problem is the iax2 connections from the outside world are unable to connect to me.

    they can get the ip address from my dyndns hostname but they just will not connect.

    I figure I would have more trouble with sip and the ports then IAX2

    I setup a nat rule and it created a rule in the firewall as a associated nat rule.

    so
    Protocol udp
    destination wan address (or should I have single host or alias )  and enter my local asterisk server lan ip??
    Destination port range from:4569    (do I need to enter to feild?)
    Redirect target IP (my internal ip address for asterisk)
    Redirect target port other 4569 (why am I asked this again?)
    NAT reflection system default ?

    do I need to creat a filter rule or is the one what ity has in the rules fine ?

    is there any info you need to give me a answer on what I am doing wrong?



  • You need to create a portforward rule to point to the iax device (asterisk).  Then open up 4569 as a rule and you're done.



  • now I can swap out my pfsense computer with my regular router and everything connects and works as it should

    not sure if this helps but with awsterisk I get cli errors with pfsense in place

    [Apr 30 16:52:49] WARNING[5432]: acl.c:582 resolve_first: Unable to lookup 'dyndns hostname of a host here/extnumber'
          > doing dnsmgr_lookup for 'dyndns hostname of a host here/extnumber'
    [Apr 30 16:52:49] ERROR[5432]: netsock2.c:263 ast_sockaddr_resolve: getaddrinfo("dyndns hostname of a host here/extnumber", "(null)", …): Name or service not know



  • I have a port forward rule on NAT

    and just re-made a rule to send udp 4569 to my local pbx server
    Proto   Source   Port   Destination   Port
    UDP           *           *   10.0.0.208   4569

    I also just enabled http://doc.pfsense.org/index.php/Static_Port
    does not seem to help at all.

    urgh  I really like this pfsense shame to go back to the goodold router



  • ok here is the answer

    I setup a nat rule

    Interface  WAN
    Protocol UDP
    Destination WAN Address

    Destination port range
    from:  4569
    to: 4569

    Redirect target IP
    Enter the internal IP address of the server on which you want to map the ports.
    e.g. 192.168.1.12
    Redirect target port 4569
    NAT reflection enable
    save and apply
    did the trick for me

    everyone is so happy now lol


Log in to reply