SIP assurance
-
I'm focusing on retraining brain to pfSense way (which I don't doubt is the way everyone does stuff) but there's some resistance to source vs destination in lan v wan.
As suggested in many SIP forums I've changed
Firewall: NAT: Outbound
ticked: Manual Outbound NAT rule generationAuto created rule for LAN to WAN
static port: NOBecause I've been suffering VoIP quality issues for some time I added some overkill
Firewall: NAT: Port Forward
wan
proto: tcp/udp
src addr: my_voip
src port: any
dest addr: wan address
dest ports: my_sip
nat ip: my_obi
nat ports: my_sipin the associated firewall rule I added it to Ackqueue/Queue: none/qVoip
The question is have I lined up the src & dest appropriately?
and what associated dest/src lan NAT should I add to this end?
it's tcp/udp because some of my providers can 'SIP TCP' (sip2sip & anveo).
alias:hosts
my_voip=
a list of all my sip/voip providers including their proxies – any hosts used by lan devices and respective DNS SRV RRs
my_simple= ostel.me, ostel.co, sip2sip.info, proxy.sipthor.netalias: ports
my_SIP= 5060:5082
my_RTP= 16300:19000At some point more likely soonventually when chided I'll try the siproxd package if it's less problematic than milkfish was on ddwrt
-
after having re re read the voip wiki I am no longer certain if voip nat outbond should be "static NO" or "static YES"… and which of those means "port rewritten". 'symmetric yes' is 'static yes', right?
in that case would I replace the "Auto created rule for LAN to WAN" with three
wan
192.168.40.0
src port: udp/my_sip
dest: *
dest port: udp/*
nat addr: *
nat port: *
static: nowan
192.168.40.0
src port: udp/*
dest: *
dest port: udp/my_sip
nat addr: *
nat port: *
static: nowan
192.168.40.0
src port: *
dest: *
dest port: *
nat addr: *
nat port: *
static: YES