Re: [pfSense] pfSense and SIP

Tue, 09 Jan 2018 08:03:07 -0800 


On 09-01-2018 15:49, Roberto Carna wrote:

Special thanks to both of you...

With ANY I mean "all TCP and UDP ports".

Maybe when the remote peer sends to my PBX the SIP packet with the SIP
Options, the response from the PBX is a SIP packet defined as
ESTABLISHED traffic....and this ESTABLISHED feature is not working or
not defined in pfSEnse firewall rules ??? Because the SIP response
packet from PBX to the remote peer is not a new traffic, is an
established traffic....




Well, certainly being able to run a packet capture on the PBX will aid 
your troubleshooting, at least to see if _any_ packets are being 
received by the SIP peer...



You need to ensure that you _don't_ have siproxd package installed, as 
this can interfere with your non-NAT set up.




Thanks a lot again, regards!!!

2018-01-09 12:17 GMT-03:00 Giles Coochey <[email protected]>:

On 09/01/2018 14:34, Roberto Carna wrote:


Dear, I have an Asterisk PBX in a DMZ behind a pfSense and a remote
peer out of the pfSense. I connect PBX and Peer in order to establish
a SIP trunk.


In the path "PBX -- pfSense -- SIP trunk peer" there is no NAT at 
all.


So we have generated two firewall rules:

PBX --> SIP Peer with ANY
SIP Peer --> PBX with ANY




When you say any, is it a bit unclear, Protocol any? or TCP any, UDP 
any?


Could you elaborate on the exact rules you have set up?



But often the SIP packets coming from the SIP Peer don't cross the
pfSEnse to PBX. The packets never reach my PBX.

Is there any feature I have to enable/disable in pfSense in order to
work with SIP protocol to have established the SIP trunk ???

The SIP trunk provider tell me that the SIP Options they send me are
not responded by us.

Thanks a lot,

ROBERT
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold




_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold






















					Reply via email to