The pfSense Store

Author Topic: Allowing traffic in.  (Read 160 times)

0 Members and 1 Guest are viewing this topic.

Offline TomT

  • Jr. Member
  • **
  • Posts: 99
  • Karma: +1/-0
    • View Profile
Allowing traffic in.
« on: November 07, 2017, 05:30:53 pm »
Hi

Prior to making any changes this is all working fine for the SIP trunks on the local PBXs using specific NAT rules per SIP carrier.

This morning I removed all my NAT rules relating to SIP and created one WAN Rule.

Protocol: IPv4 TCP/UDP
Source: SIPAddresses Alias
Port: *
Destination: *
Port: *
Gateway: *
Queue: *

SIPAddesses is a list of ALL IP Addresses I want to allow access in, this includes SIP Signaling & RTP Media addresses.

Once I'd done this I restarted my pfSense and the two PBXs we have on the LAN.

Each PBX has multiple trunks from different providers (using ports 5060, 5065 or 5068)
Looking at the PBX logs there are lots of packets being sent to the carriers but no responses coming back.

I've not changed any other rules in LAN.
I have a default rule of:

Protocol: IPv4*
Source: LAN net
Port: *
Destination: *
Port: *
Gateway: WAN_PPPOE
Queue: *

So this looks like packets being blocked coming back in.

Should the above rule have allowed an traffic from the SIP IPAddresses to any PBX on my LAN, even if two different devices are using port 5060 ?

How can I work out what is wrong ?

Thanks

Offline TomT

  • Jr. Member
  • **
  • Posts: 99
  • Karma: +1/-0
    • View Profile
Re: Allowing traffic in.
« Reply #1 on: November 08, 2017, 04:30:47 pm »
Has anyone any ideas on this.

I've tried setting this up again and I end up with the traffic being blocked.

Should I be able to just open the WAN for the specified IP addresses and ports or would I need to use NAT and route to specific internal addresses ?

Thanks