Using Static Ports on Manual Outbound NAT?



  • After fiddling around with my asterisk server behind pfSense for a too long time, I finally could get it to work, by switching to "Manual Outbound NAT rule generation", and enabling "Static Port" for the "Auto created rule for LAN".

    I think I do not really understand that function.

    Is there any disadvantage, if setting "Static Port" for the "Auto created rule for LAN"?
    If not, why is this not enabled by default?



  • Here are some infomations…
    http://doc.pfsense.org/index.php/Static_Port



  • Awkward, I've seen that page before, but I didn't think, that that could be the source of my problems at that time (since all found topics on SIP & NAT pointed to lots of other problems).

    Fact is, that rewriting the source port broke the RTP connections, it was not related to the SIP port (5060) itself.

    Would it really be just fine, to leave it with general static ports, or should I just assign static ports for the defined RTP-range (in my case UDP 10000 - 10200)?



  • Those are great questions. I was in the same position a few weeks back. I ended up creating a "special" outbound rule for my Asterisk server, but I have the same question regarding benefits or drawbacks of doing it in one way or the other.

    Any explanation by someone who knows would be greatly appreciated.

    Thanks in advance.




Log in to reply