Outbound NAT and VOIP Issues



  • I am getting quite frustrated with the lack of documentation on configuring certain aspects of the firewall, and I am under pressure to get this working immediately.

    The Automatic Outbound NAT is changing the outbound port for SIP traffic, which causes our phones to not work.  Is there a guide to configuring the Manual NAT so all of my internet services work, and the port doesn't get changed by the firewall for SIP traffic?





  • If both VoIP endpoints (your IP-PBX and your ITSP) have a reasonably modern SIP protocol stack that supports NAT traversal, you shouldn't have to enable static-port. Which is why pfSense has changed its default behavior since v1.2.3

    But if you need to, here's the info you'll need:

    http://doc.pfsense.org/index.php/Static_Port

    http://doc.pfsense.org/index.php/Category:NAT



  • Reading all of those articles didn't help me much.  This article led me to believe the source port was being changed and that I needed it to stop changing.  I had trouble understanding all of the applicable configuration options after reading thisThis page and the page it links to are lacking.

    I think I figured it out, though.  I changed my NAT to manual and the settings on the configuration page are below.  I didn't need static NAT for port 5060.
    WAN  10.xxx.xxx.xxx/xx * * * WAN address * NO

    I think what really fixed it was changing the state table behavior to conservative in the advanced system options.