Netgate Discussion Forum

    VoIP over IPsec; UDP packets not sent over VPN [solved]

      dmitripr

      Hi all,

      I'm not sure if my problem has something to do with NAT, but it's worth a shot.

      Basically, I have set up an IPsec VPN (10.10.10.0/24) on my pfSense, and I'm able to connect from my BlackBerry and iPhone devices. I have an Asterisk box sitting behind pfSense on the local LAN - 192.168.1.0/24 (I only have one LAN subnet, no VLANs). I've already tried several VoIP applications on my mobile devices, and the behavior is the same.

      Basically, after I connect to the VPN while on the mobile network (4G), I'm able to register with my Asterisk box via its local address (192.168.1.0/24), so the registration SIP packets are sent via the VPN for sure. However, as soon as I place the call I see that my firewall is blocking the UDP (RTP) packets from my mobile IP address to my WAN address.

      Why are the UDP packets not sent via VPN, but rather through the open mobile network?

      I can of course do port forwarding from WAN to my Asterisk server, and everything works well then. But for security I don't want to do a port forward from WAN, but just use the VPN.

      Am I missing something in the NAT setup for this? Or maybe other firewall rules? Has anyone else experienced this?

      Thanks a lot for your help!
      Dmitri

        jimp Rebel Alliance Developer Netgate

        Probably your PBX does not have the VPN remote network set as a "local" network so it's putting its own public IP in the VIA headers.

        So… not the firewall, a PBX config issue.

          dmitripr

          @jimp:

          Probably your PBX does not have the VPN remote network set as a "local" network so it's putting its own public IP in the VIA headers.

          So… not the firewall, a PBX config issue.

          YES! Thank you! That solved my problem.

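The behaviour described in jimp's reply, as an added example that is not part of the thread and is not Asterisk's code: a Python model of a PBX choosing which of its addresses to advertise, applied to the SDP `c=` media address (the field that decides where the phone sends RTP), plus a check that the advertised address is reachable through the tunnel. The PBX LAN address 192.168.1.10, the public address 203.0.113.7, the VPN client 10.10.10.5 and all function names are assumptions; the two subnets are the ones from the thread.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.1.0/24")          # LAN subnet from the thread
VPN = ipaddress.ip_network("10.10.10.0/24")           # IPsec client subnet from the thread
PBX_LAN_IP = ipaddress.ip_address("192.168.1.10")     # constructed: PBX address on the LAN
PBX_PUBLIC_IP = ipaddress.ip_address("203.0.113.7")   # constructed: WAN address (TEST-NET-3)


def advertised_address(peer_ip, local_nets):
    """Model of the PBX decision: a peer inside a 'local' network is given the
    PBX's LAN address; any other peer is treated as external and is given the
    public address."""
    peer = ipaddress.ip_address(peer_ip)
    if any(peer in net for net in local_nets):
        return PBX_LAN_IP
    return PBX_PUBLIC_IP


def build_sdp(media_ip, rtp_port=14000):
    """Constructed minimal SDP answer carrying the chosen media address."""
    return "\r\n".join([
        "v=0",
        f"o=- 1 1 IN IP4 {media_ip}",
        "s=call",
        f"c=IN IP4 {media_ip}",
        "t=0 0",
        f"m=audio {rtp_port} RTP/AVP 0",
    ]) + "\r\n"


def media_addresses(sdp):
    """Return every IPv4 address named on a c= line of an SDP body."""
    found = []
    for line in sdp.splitlines():
        if line.startswith("c=IN IP4 "):
            found.append(ipaddress.ip_address(line.split()[2].split("/")[0]))
    return found


def rtp_stays_in_tunnel(sdp, tunnel_nets):
    """True only if the SDP names media addresses and all are inside tunnel_nets."""
    addrs = media_addresses(sdp)
    return bool(addrs) and all(any(a in n for n in tunnel_nets) for a in addrs)


if __name__ == "__main__":
    # "before": only the LAN is local; "after": the VPN subnet is local too.
    for label, nets in (("before", [LAN]), ("after", [LAN, VPN])):
        sdp = build_sdp(advertised_address("10.10.10.5", nets))
        print(label, media_addresses(sdp), rtp_stays_in_tunnel(sdp, [LAN]))
```

Running the same `media_addresses` check over the SDP body of a captured call setup shows which address the PBX is actually handing to the phone.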