It is possible to use not NAT able VoIP Softswitch behind pfsense/siproxd

  • We are using a not NAT able VoIP Softswitch (squire MG) behind a pfsense Firewall and connect to diffrent SIP Endpoints. The softswitch only have a local IP and the Endpoints are public IPs. The pfsense is configured as 1:1 NAT with one of our public IPs and there are Rules enabled in the firewall to allow traffic on SIP and RTP Ports they are NATed to the local IP of the Softswitch.

    local IP -> pfsense/siproxd -> SIP endpoint

    I'am able to setup a SIP endpoint on the softswitches and can accept traffic on them. But the SIP/SDP packages contain the local IP of the softwitch as contact URI. So the Endpoint cant send any ACK PAckages back to the softswitch because it isnt the public IP.

    With Google I find siproxd as solution for that NAT Problem but dont know how to configure it with pfsense that siproxd masquerade this localIP in the SIP/SDP Packages. I have enable siproxd and set inbound Interface to WAN and outbound Interface to LAN. The Problem is that that the soft switch is connected as SIP Trunk so the siproxd don't know where to route the traffic.

    sip_find_direction: unable to determine direction of SIP packet

    Is it possible to reroute all traffic to the soft switch without send a 302 to the source?