I am in the same situation as you, I put a request up a while back but there was no replies to it.
Im using 2.0-Release upgraded from 2.0 something a while back. I have not done a clean install of 2.0-Release. Nat reflection is enabled for the couple of https NAT forward rules we have and also for VOIP (both sip and the signalling range of ports) for Asterisk. Nat reflection works perfectly well for https but I cant get phones to register internally using external hostname. I tried to recreate the rule but no success. To be fair I havent looked deeply enough into this, It doesnt really affect us apart from when I need to send a phone to an external user, I want to check it is OK before posting. In these cases I use a "true" external test and plug the phone into our guest network which is completly seperate. If I find anything I will let you know. It would be good to know if any one with a clean 2.0 release install and not an upgrade can get this to work. Gavin -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of David Burgess Sent: 24 November 2011 02:17 To: pfSense support and discussion Subject: [pfSense] NAT reflection and SIP registration I have the SIP client in my Android 2.3 phone set up to register to my local Askozia (Asterisk) PBX. The problem I'm having is that if I use the FQDN of the PBX server, the SIP client only registers when I'm off the network. In order to have the SIP client register successfully when on the local network, I have to drop the domain part and just use the hostname. Obviously this creates problems when I'm not on the local network. It used to work to just use the FQDN and the SIP client would register whether I was local or not. I'm not sure why it quit working, whether it was the upgrade from pfsense 2.0-RC to 2.0-RELEASE, or if it was the upgrade of the phone from Cyanogenmod 7.0 to 7.1. The PBX server has a RFC1918 address and pfsense is doing NAT for it to the internet. I'm using pfsense's DNS Forwarder on the internal network along with the first two DHCP options. If I ping the PBX server's hostname from the Android terminal I get a response from the internal address. Likewise, if I ping the PBX's FQDN I get a response, again from the internal address. If I do an nslookup on the FQDN from Android, I get the WAN address as a response, even if I create a host override entry in pfsense's DNS Forwarder. So I'm actually not sure what the problem is. Android's SIP client just times out when trying to register locally, and Askozia's logs don't create any entry. Neither device supports tcpdump to my knowledge, and with them both being on the same LAN I can't really see what's happening between them on the network (I guess I could probably do this from the switch or AP). Any ideas on the problem or a workaround? db _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
