FreePBX and Pfsense



  • I need to have a remote SIP extension for my FreePBX server, but I can't port forward it through my NAT. It worked perfectly on my crappy Linksys router. This does not work, https://doc.pfsense.org/index.php/Asterisk_VoIP, because it for connecting to a PBX outside of the network. So what do I do? I forwarded ports 5060 and 10000, 20000. If someone has this working please tell me your configuration. I really appreciate it!

    Thanks,

    Brandon



  • What type of phone/device/pbx is your "remote SIP extension"?

    My first suggestion would be to keep it simple, I wouldn't go down the SIPProx route without exhausting all the other possibilities first.
    If it worked well with a basic Linksys, you likely need a basic NAT setup with perhaps some tweaks under pfSense.

    The other thing to watch for as you're making changes and trying them out, very often you'll need to do a States->Reset or even a full restart at one or the other (or both ends).  SIP can be very cumbersome to troubleshoot as various devices try to adapt to what they "think" your environment requires.  Stable once established, but tricky to get right from scratch.

    On the positive side, I've got more than one setup managing SIP connections through pfSense.  I even have a Voip client on my phone that can connect to my home FreePBX box.



  • could you show your NAT rules? I had this problem one time that I had ftp  rule ontop of my SIP rules and it was not connecting



  • FreePBX and pfSense play nicely. The problem for me was almost always on the FreePBX side.

    Does registration work? Have you forwarded the entire range for RTP-communications, or just the two ports? Did you forward the right protocol RTP needs UDP in the default.

    Did you set the appropriate networks in FreePBX? Often there is some form of deny-setting for remote networks.



  • Thanks for the replies everyone!

    I am going to try this and see if it works,

    https://doc.pfsense.org/index.php/PBX_VoIP_NAT_How-to

    I am glad to see someone has got it working. When I get home from work I will post my NAT setup and my FreePBX config. Also, my devices are two Gandstream HT701 ATAs and 1 Cisco 7940. They both don't register, but they did before on my Linksys. If it helps, everything works locally. (192.168.x.x)

    Thanks again,

    Brandon



  • Hey everyone, I attached a screenshot of my SIP NAT rule and FreePBX settings. I can't register at all externally and port checker websites say that the ports are closed.

    Thanks,

    Brandon

    ![Screen Shot 2015-10-30 at 2.15.50 PM.png](/public/imported_attachments/1/Screen Shot 2015-10-30 at 2.15.50 PM.png)
    ![Screen Shot 2015-10-30 at 2.15.50 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2015-10-30 at 2.15.50 PM.png_thumb)
    ![Screen Shot 2015-10-30 at 2.20.01 PM.png](/public/imported_attachments/1/Screen Shot 2015-10-30 at 2.20.01 PM.png)
    ![Screen Shot 2015-10-30 at 2.20.01 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2015-10-30 at 2.20.01 PM.png_thumb)
    ![Screen Shot 2015-10-30 at 2.19.32 PM.png](/public/imported_attachments/1/Screen Shot 2015-10-30 at 2.19.32 PM.png)
    ![Screen Shot 2015-10-30 at 2.19.32 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2015-10-30 at 2.19.32 PM.png_thumb)



  • What do you WAN and LAN Firewall->Rules look like?

    You might try temporarily turning on logging of the rules you think should be applied to see if they are getting triggered at all.

    As always, try and change one thing at a time and test…...


Log in to reply