NAT & FW Rule in place - still being blocked (SIP)
-
First up - I know this is my issue and not pfsense … but I could do with some help understanding this.
I have a SIP home phone system that connects out to my SIP provider. The unit has registered no problems and I can make outbound calls. I'm not getting inbound calls though.
I followed this guide to configure the required NAT and FW rules:
https://doc.pfsense.org/index.php/PBX_VoIP_NAT_How-to
As far as I can see, I have port forwarding in place:
INTERFACE / PROTOCOL / FROM / PORT RANGE / TO / PORT RANGE / NAT TO / NAT PORTS:
WAN -> UDP -> SIP PROVIDER RANGE -> ANY SOURCE PORT -> MY WAN ADDRESS -> SIP PORT RANGE -> INTERNAL SIP SYSTEM -> SIP PORT RANGEYet when I make an inbound call - all I see is the traffic being blocked by the default deny rule. All the blocked traffic appears to fit the NAT & FW rules sets. Yet obviously it can't match ... somewhere. I'm confused.
Any ideas?
-
If you were to post the firewall block log entries and the rules you think should be passing the traffic, someone else might be able to tell what you're doing wrong.
-
I've managed to get the traffic to pass by creating a modified firewall rule (based on the auto generated NAT fw rule) which relaxes the destinations and the port range. Why the NAT generated rule doesn't work I do not know.
When I get a chance - I'll dig out the log / rules and post up as suggested.