On Tue, Feb 26, 2013 at 5:10 PM, Doug Sampson <[email protected]> wrote:
> Hello-**** > > ** ** > > We upgraded our phone system from an analog system to a Digium Switchvox > D65 PBX. I would like to replace our home brewed Linux router with pfsense > 2.0.2 but am having trouble making a good phone connection. While the > home-brewed router has worked well in the past, traffic-shaping is not one > of its strengths.**** > > ** ** > > Our PBX sits inside the firewall with 15 SIP phones connected to it. The > PBX is connected via SIP to our SIP provider. What I did was to create port > forwarding for a variety of ports mainly 5060 UDP and 10000-20000 UDP in > the NAT section. I saw that the port forwarding rules were automatically > created. So far so good. However when we attempt to connect from the > outside, all we hear is blip blip blip. When we attempt to call from the > inside, the connection is made but there is no sound.**** > > ** ** > > I saw a bunch of support documents at the pfsense web site. One document > suggested to install sipproxy and configure it for the internal PBX. I also > came across an external document (http://www.voipvoip.com/switchvox/) > suggesting turning on NAT port forwarding within the Switchvox > configuration (see the Notes section toward the end). I tried this with the > Linux router but it didn’t like it. I haven’t tried that with pfsense. > Another consideration would be to assign a public IP address to the PBX box > and have all SIP phones connect to it from the inside- would that be the > better scenario?**** > > ** ** > > What I would be interested in knowing at this point what your experiences > with attempting to set up a SIP connection from an internal PBX box with a > SIP provider (in our case, Cbeyond) using a pfsense 2.0.2 box. Are there > any recommendation that you could offer to effect a fully functional SIP > connection? Most of the SIP phones are internal but it is planned to have a > few outside the LAN as well. Would it be more effective to place the PBX > outside the LAN? **** > > ** ** > > Any thoughts that you can offer would be greatly appreciated!**** > > ** ** > > ~Doug**** > > ** ** > > Doug, We currently are using a Switchvox 65 SMB connecting to an AT&T IP Flex SIP connection through pfsense 1.2.3 at two locations. Not sure how much has changed in 2.0.2, but it does work for us. We have two separate subnets internally, one for LAN and one for VoIP. Each has it's own physical port on the pfsense box (yes we could do it with one port and VLANS). Port forwarding looks ok to me from what you describe. One thing that may be different is we also have two rules in "Outbound NAT". We choose "Manual Outbound NAT rule generation". 1) WAN | {LAN IP/24} | * | * | * | * | * | NO 2) WAN } {VoIP IP/24 | * | * | * | * | * | YES Having Static port set to "Yes" for the VoIP subnet helped us initially get two way voice working. Do you have any firewall rules for this specifically? Allowing traffic in/out from the SIP provider? We did not need to use sipproxy for our setup to allow this to work. If you want to go through the Switchvox settings too let me know. I am not familiar with Cbeyond, but I have worked with a few different providers and even spent some time on the phone with AT&T Labs (Bell labs???) at one point when we were trying to get SipXecs working before switching to Switchvox. That is another story..... Andrew
_______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
