NAT & FW Rule in place - still being blocked (SIP)
First up - I know this is my issue and not pfsense … but I could do with some help understanding this.
I have a SIP home phone system that connects out to my SIP provider. The unit has registered no problems and I can make outbound calls. I'm not getting inbound calls though.
I followed this guide to configure the required NAT and FW rules:
As far as I can see, I have port forwarding in place:
INTERFACE / PROTOCOL / FROM / PORT RANGE / TO / PORT RANGE / NAT TO / NAT PORTS:
WAN -> UDP -> SIP PROVIDER RANGE -> ANY SOURCE PORT -> MY WAN ADDRESS -> SIP PORT RANGE -> INTERNAL SIP SYSTEM -> SIP PORT RANGE
Yet when I make an inbound call - all I see is the traffic being blocked by the default deny rule. All the blocked traffic appears to fit the NAT & FW rules sets. Yet obviously it can't match ... somewhere. I'm confused.
If you were to post the firewall block log entries and the rules you think should be passing the traffic, someone else might be able to tell what you're doing wrong.
I've managed to get the traffic to pass by creating a modified firewall rule (based on the auto generated NAT fw rule) which relaxes the destinations and the port range. Why the NAT generated rule doesn't work I do not know.
When I get a chance - I'll dig out the log / rules and post up as suggested.