Asterisk & NAT PFsense
-
Dear,
I have many problems with the new pfsense version -> asterisk + nat.
- outgoing call don't work well (some call reject)
- cut phone
-> asterisk config ok
-> voip supplier ok…Actually, i try :
nat on pppoe1 inet from networklan/22 port = 5060 to any port = 5060 -> ipwan static-port
rdr pass on pppoe1 inet proto udp from any port = 5060 to any port 5060:64000 -> planasteriskserver
all udp sipserv1:5060 <- iplanasteriskserver:5060 MULTIPLE:MULTIPLE
all udp iplanasteriskserver:5060 -> myipwan:5060 -> sipserv1:5060 MULTIPLE:MULTIPLESo :
Firewall:Rules
TCP/UDP sipserv1 * * * * none (pass)
TCP/UDP sipserv2 * * * * none (pass)
TCP/UDP sipserv3 * * * * none (pass)
TCP/UDP sipserv4 * * * * none (pass)Firewall:nat
WAN UDP * * * 10000 - 20000 192.168.184.2 10000 - 20000
WAN UDP * 5060 (SIP) * 5060 - 64000 lanip 5060 - 64000Why sipserv2,3,4 don't appear when i do a pfctl -sa | fgrep 5060 ?
Any idea ?Sorry for my bad english.
Thank you. -
I have many problems with the new pfsense version -> asterisk + nat.
-> asterisk config ok
-> voip supplier ok…Start with providing more information, i.e. versions of both pfsense and asterisk involved.
What "new pfsense version" ? I've tested both 2.0.x and 2.1-DEVEL.Typically shouldn't need static-port outbound nat or any port-forwarding of inbound traffic (note: unless you have remote extensions e.g. you connect remotely to your voip server from dynamic IPs).
-
PFsense : 2.0.1-RELEASE
Debian Squeeze + asterisk 1.6 -
You need manual outbound NAT for Asterisk to work properly.
Kostas
-
You need manual outbound NAT for Asterisk to work properly.
I assume you meant "You need manual outbound NAT" … with static-port option enabled. Having looked into the subject of NAT + SIP, I would say that static-port isn't typically required (I've never had to enable it for either 2.0.1 or 2.1-BETA with various versions of Asterisk 1.8.x). In fact static-port can lead to other sorts of problems, e.g. read http://forum.pfsense.org/index.php?topic=45255.15
VoIP questions come up often in this forum, however it is nearly impossible to offer a universal guide that works for everyone. There are just too many combinations of factors involved e.g. NAT implementation, capabilities and configuration of SIP peers (i.e. VoIP software at your side as well as at your VoIP provider's), possibly enabled SIP ALG/proxy inside the ADSL modem, people enabling siproxd etc.
To debug VoIP issues, one has to look at packet captures of SIP traffic.