When I created the nat rule, add associated filter rule is default... There is a filter rule for each port...
As for the lock down, the plan is to lock it down when it works! --Tiernan On Thu, Feb 12, 2015 at 3:07 PM -0800, "Chris Bagnall" <pfse...@lists.minotaur.cc<mailto:pfse...@lists.minotaur.cc>> wrote: On 12 Feb 2015, at 20:33, Tiernan OToole <tier...@tiernanotoole.ie> wrote: > The steps I took was: > Firewall/NAT, Add, interface = WAN1, proto TCP, src addr and port are both *, > dest = 5060, nat IP (internal ip of the voip box), nat ports 5060 > Did this for each WAN connection and again for other ports… but the VoIP > firewall the ports aint open… What am I doing wrong? > It works on port 80! Why not SIP?! What did you select for “Filter Rule Association” ? If I recall correctly, selecting ‘pass’ won’t work in a multi-WAN environment; you need to let it create a linked filter rule. (as an aside, unless you specifically want SIP calls from the internet at large, you might want to lock down your incoming SIP rules to only allow connections from your SIP supplier - there are just too many SIP attacks out there these days to leave it open to the world unless you really need to) Kind regards, Chris -- C.M. Bagnall This email is made from 100% recycled electrons _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
_______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold